Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPDIAG
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: Modified =>PUA.StartShow
[MD5.0FAB06AF673FF112A8F3B0765DE9ACC5] - (.Elex do Brasil Participaç?es Ltda - YACTray.) -- C:\Program Files\Elex-tech\YAC\iSafeTray.exe [368000] [PID.3092] =>PUP.Elex
G2 - EXT: C:\Users\DJILANI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaahnibljmklpljnbpgfobmfpfhplch [Ask Toolbar] =>Toolbar.Ask
G2 - EXT: C:\Users\DJILANI\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb [CinemaP-1.9cV16.03] =>PUP.CrossRider
M3 - MFPP: Plugins - [DJILANI] -- C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\searchplugins\delta-homes.xml =>Hijacker.DeltaHomes
M2 - MFEP: prefs.js [DJILANI - hbdjvkry.default-1422379215343\fftoolbar2014@etech.com] [] FF Toolbar v1.0.0.1025 (..) =>Adware.FFToolBar
M2 - MFEP: prefs.js [DJILANI - hbdjvkry.default-1422379215343\quick_searchff@gmail.com] [] QuickSearch v1.0.0.1025 (..) =>PUP.QuickSearch
M2 - MFEP: prefs.js [DJILANI - hbdjvkry.default-1422379215343\searchengine@gmail.com] [] Search Enginer v1.0.0.1027 (..) =>PUP.SearchEngine
M2 - MFEP: prefs.js [DJILANI - hbdjvkry.default-1422379215343\sweetsearch@gmail.com] [] Search Enginer v1.0.0.1031 (..) =>PUP.SearchEngine
M2 - MFEP: Extension [DJILANI - hbdjvkry.default-1422379215343] fftoolbar2014@etech.com =>Adware.FFToolBar
M2 - MFEP: Extension [DJILANI - hbdjvkry.default-1422379215343] quick_searchff@gmail.com =>PUP.QuickSearch
M2 - MFEP: Extension [DJILANI - hbdjvkry.default-1422379215343] sweetsearch@gmail.com =>PUP.SweetSearch
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com =>PUP.V9Software
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com =>PUP.V9Software
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com =>PUP.V9Software
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com =>PUP.V9Software
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com =>Hijacker.OurSurfing
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} . (.IvoSoft - Adds classic Windows Explorer features.) -- C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Ask Toolbar BHO - {5054562D-5247-006A-76A7-7A786E7484D7} . (...) -- "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" (.not file.) =>Toolbar.AskBar
O2 - BHO: LuckyTab Class - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files\XTab\SupTab.dll =>PUP.LuckyTab
O3 - Toolbar: Ask Toolbar - [HKLM]{5054562D-5247-006A-76A7-7A786E7484D7} . (...) -- C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll =>Toolbar.AskBar
O4 - GS\Program [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe http://www.oursurfing.com =>Hijacker.OurSurfing
O4 - GS\QuickLaunch [DJILANI]: Chrome.LNK . (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\DJILANI\Local Settings\Applic~1\Google\Chrome\Application\chrome.exe http://sweets-pages.com =>Hijacker.Browsers
O4 - GS\QuickLaunch [DJILANI]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\DJILANI\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\SystemTools [DJILANI]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com =>Hijacker.OurSurfing
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files\XTab\ProtectService.exe =>Adware.AgentODR
O23 - Service: YAC Service (iSafeService) . (.Elex do Brasil Participaç?es Ltda - iSafeSvc.) - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex
O23 - Service: Service KMSELDI (Service KMSELDI) . (.No owner - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Windows SysTool - Windows SysTool.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[MD5.CA189CB28ED318B44A2A89F0B35B1831] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [801048] =>PUA.KMSpico
[MD5.877759FE37E2EED150C792006B342BC3] [APT] [BYAIAMUF] (.Cinema PlusV16.03.) -- C:\Users\DJILANI\AppData\Roaming\BYAIAMUF.exe [2035200] =>PUP.CrossRider
[MD5.B23B61AF1349EAB73480714042C21518] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe [1408512] =>PUP.CrossRider
[MD5.1B3B0B7E6E8E4E8122A885C5ED460360] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe [1127424] =>PUP.CrossRider
[MD5.F8C3B8761686BCBC80ACDB6A5317702B] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe [1480192] =>PUP.CrossRider
[MD5.3D5758641084D02C8EA0308945D8CF20] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-5] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe [1190400] =>PUP.CrossRider
[MD5.3D5758641084D02C8EA0308945D8CF20] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe [1190400] =>PUP.CrossRider
[MD5.BA093B0EFDC06A2029E61123F8772AFA] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-6] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe [1474560] =>PUP.CrossRider
[MD5.1B3B0B7E6E8E4E8122A885C5ED460360] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-7] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe [1127424] =>PUP.CrossRider
[MD5.1C7FF4BFACDDD04E3504DCB1BA5987ED] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-4] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.exe [1380352] =>PUP.CrossRider
[MD5.1C7FF4BFACDDD04E3504DCB1BA5987ED] [APT] [GNOK] (.Cinema PlusV16.03.) -- C:\Users\DJILANI\AppData\Roaming\GNOK.exe [1380352] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [globalUpdateUpdateTaskMachineUA] (...) -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (.not file.) [0] =>PUP.GlobalUpdate
[MD5.B23B61AF1349EAB73480714042C21518] [APT] [temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe [1408512] =>PUP.CrossRider
O39 - APT: BYAIAMUF - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\BYAIAMUF.job [1694] =>PUP.CrossRider
O39 - APT: BYAIAMUF - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\BYAIAMUF [1694] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job [3124] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 [3124] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job [3460] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 [3460] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job [2098] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user [2098] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-11 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.job [5170] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-11 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11 [5170] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job [4144] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 [4144] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-4 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.job [4480] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-4 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4 [4480] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job [2432] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 [2432] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job [2432] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user [2432] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job [5504] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 [5504] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job [5168] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 [5168] =>PUP.CrossRider
O39 - APT: globalUpdateUpdateTaskMachineCore - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [962] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineCore - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [962] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [966] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [966] =>PUP.GlobalUpdate
O39 - APT: GNOK - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\GNOK.job [1342] =>PUP.CrossRider
O39 - APT: GNOK - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\GNOK [1342] =>PUP.CrossRide
O39 - APT: temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job [3028] =>PUP.CrossRider
O39 - APT: temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 [3028] =>PUP.CrossRider
O41 - Driver: (iSafeKrnl) . (.Elex do Brasil Participaç?es Ltda - iSafe Kernel Driver.) - C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlKit) . (.Elex do Brasil Participaç?es Ltda - iSafe Kernel Kit Driver.) - C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlMon) . (.Elex do Brasil Participaç?es Ltda - YAC Monitor Driver.) - C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlR3) . (.Elex do Brasil Participaç?es Ltda - iSafe Kernel Ring3 Driver.) - C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys =>PUP.Elex
O41 - Driver: (iSafeNetFilter) . (.Elex do Brasil Participaç?es Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\DRIVERS\iSafeNetFilter.sys =>PUP.Elex
O41 - Driver: (MpKslbe06fdc1) . (. - .) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{169EE578-0042-4058-A660-30161E456245}\MpKslbe06fdc1.sys (.not file.)
O41 - Driver: (eamonm) . (. - .) - C:\Windows\System32\DRIVERS\eamonm.sys (.not file.)
O41 - Driver: (ehdrv) . (. - .) - C:\Windows\System32\DRIVERS\ehdrv.sys (.not file.)
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM] -- {5054562D-5247-006A-76A7-A758B70C1C01} =>Toolbar.Ask
O42 - Logiciel: YAC(Yet Another Cleaner!) - (.ELEX DO BRASIL PARTICIPAC?ES LTDA.) [HKLM] -- iSafe =>PUP.Elex
O42 - Logiciel: mystartsearch uninstall - (.mystartsearch.) [HKLM] -- mystartsearch uninstall =>PUP.StartSearch
O42 - Logiciel: oursurfing uninstall - (.oursurfing.) [HKLM] -- oursurfing uninstall =>Hijacker.OurSurfing
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\CinemaP-1.9cV16.03-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaP-1.9cV16.03-nv] =>PUP.CrossRider
[HKCU\Software\CinemaP-1.9cV16.03] =>PUP.CrossRider
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\SearchProtectWS] =>PUP.SearchProtect
[HKCU\Software\SimplyTech] =>PUP.SimplyTech
[HKCU\Software\TNT2] =>Adware.TidyNetwork
[HKLM\Software\156eacdc-6be3-484e-958c-b1950c01381c] =>PUP.CrossRider
[HKLM\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKLM\Software\CinemaP-1.9cV16.03-nv-ie] =>PUP.CrossRider
[HKLM\Software\CinemaP-1.9cV16.03-nv] =>PUP.CrossRider
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Elex-tech] =>PUP.Elex
[HKLM\Software\FFPluginHp] =>PUP.SweetSearch
[HKLM\Software\GlobalUpdate] =>PUP.GlobalUpdate
[HKLM\Software\IHProtect] =>Adware.AgentODR
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\SupDp] =>PUP.SupTab
[HKLM\Software\oursurfingSoftware] =>Hijacker.OurSurfing
[HKLM\Software\supWindowsMangerProtect] =>PUP.Fuyu
O43 - CFD: 20/05/2015 - 22:41:06 - [] ----D C:\Program Files\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 14/05/2015 - 15:07:54 - [] ----D C:\Program Files\CinemaP-1.9cV16.03 =>PUP.CrossRider
O43 - CFD: 11/06/2015 - 10:02:18 - [] ----D C:\Program Files\Elex-tech =>PUP.Elex
O43 - CFD: 03/04/2015 - 13:41:12 - [] ----D C:\Program Files\KMSpico =>PUA.KMSpico
O43 - CFD: 26/09/2014 - 21:24:57 - [] ----D C:\ProgramData\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 27/02/2015 - 18:50:38 - [] ----D C:\ProgramData\IHProtectUpDate =>Adware.AgentODR
O43 - CFD: 20/05/2015 - 22:40:54 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 03/04/2015 - 13:41:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico
O43 - CFD: 11/06/2015 - 10:02:17 - [] ----D C:\Users\DJILANI\AppData\Roaming\Elex-tech =>PUP.Elex
O43 - CFD: 14/05/2015 - 15:01:53 - [] ----D C:\Users\DJILANI\AppData\Roaming\oursurfing =>Hijacker.OurSurfing
O43 - CFD: 16/06/2015 - 08:24:53 - [] ----D C:\Users\DJILANI\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 26/09/2014 - 21:25:02 - [] ----D C:\Users\DJILANI\AppData\Local\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 14/05/2015 - 15:05:23 - [] ----D C:\Users\DJILANI\AppData\Local\globalUpdate =>PUP.GlobalUpdate
O44 - LFC:[MD5.A365032F4D58E9A66D231B49A6975A9E] - 11/06/2015 - 10:02:51 ---A- . (.Elex do Brasil Participaç?es Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\iSafeNetFilter.sys [44712] =>PUP.Elex
O51 - MPSK:{1af2216c-1ef8-11e4-9046-fdba7ed70ed2}\AutoRun\command. (...) -- H:\autorun.exe (.not file.)
O51 - MPSK:{1af22190-1ef8-11e4-9046-c96e18626587}\AutoRun\command. (...) -- J:\setup.exe (.not file.)
O51 - MPSK:{2bcc968a-3840-11e4-9e90-7c0507055c06}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{2bcc9697-3840-11e4-9e90-7c0507055c06}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{65f1d644-368a-11e4-bea2-7c0507055c06}\AutoRun\command. (...) -- F:\SETUP.exe (.not file.)
O51 - MPSK:{7280e4c7-f95a-11e4-939f-7c0507055c06}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9e5dd423-ed7f-11e4-bc50-7c0507055c06}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)
O51 - MPSK:{a51bf5a7-57ba-11e4-ad4e-7c0507055c06}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{d962e60e-3fb6-11e4-9497-2cd05a555863}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{eaab4c0f-6bd8-11e4-8121-7c0507055c06}\AutoRun\command. (...) -- F:\Startme.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\DJILANI\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O61 - LFC: 13/06/2015 - 14:06:03 ---A- . (.FromDocToPDF.) -- C:\Users\DJILANI\Downloads\FromDocToPDFSetup2.5.15.15.^Y6^man000^YYA^ (1).exe [5970256] =>PUP.MindSpark
O61 - LFC: 13/06/2015 - 14:06:03 ---A- . (.FromDocToPDF.) -- C:\Users\DJILANI\Downloads\FromDocToPDFSetup2.5.15.15.^Y6^man000^YYA^ (2).exe [5970256] =>PUP.MindSpark
O61 - LFC: 13/06/2015 - 14:06:03 ---A- . (.FromDocToPDF.) -- C:\Users\DJILANI\Downloads\FromDocToPDFSetup2.5.15.15.^Y6^man000^YYA^ (4).exe [5970256] =>PUP.MindSpark
O61 - LFC: 13/06/2015 - 14:06:04 ---A- . (.FromDocToPDF.) -- C:\Users\DJILANI\Downloads\FromDocToPDFSetup2.5.15.15.^Y6^man000^YYA^.exe [5970256] =>PUP.MindSpark
O61 - LFC: 16/06/2015 - 14:06:03 ---A- . (.Trend Micro Inc..) -- C:\Users\DJILANI\Desktop\HijackThis.exe [388608]
O69 - SBI: prefs.js [DJILANI - hbdjvkry.default-1422379215343] user_pref("extensions.crossrider.bic", "14d52c1b1e4b5385e472817f10b99fac"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://do-search.com =>PUP.DoSearches
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://do-search.com =>PUP.DoSearches
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (oursurfing) - http://do-search.com =>PUP.DoSearches
O69 - SBI: SearchScopes [HKCU] {3A40E547-20FD-44a2-94D0-1C98342D1507} - (Daum) - http://do-search.com =>PUP.DoSearches
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://do-search.com =>PUP.DoSearches
C:\Users\DJILANI\AppData\Roaming\uTorrent\Fine Print PDF MAKER + Keygen.rar.torrent =>.Crack,Keygen
C:\Users\DJILANI\AppData\Roaming\uTorrent\Fine Print PDF MAKER + Keygen.rar.torrent =>.Crack,Keygen
[MD5.877759FE37E2EED150C792006B342BC3] [SPRF][14/05/2015] (.Cinema PlusV16.03 - CinemaP-1.9cV16.03 exe.) -- C:\Users\DJILANI\AppData\Roaming\BYAIAMUF.exe [2035200] =>PUP.CrossRider
[MD5.FB1A8421E929D33E99E42FA677ADE32C] [SPRF][08/08/2014] (...) -- C:\Users\DJILANI\AppData\Roaming\DJILANIlog.dat [42485]
[MD5.1C7FF4BFACDDD04E3504DCB1BA5987ED] [SPRF][14/05/2015] (.Cinema PlusV16.03 - CinemaP-1.9cV16.03 exe.) -- C:\Users\DJILANI\AppData\Roaming\GNOK.exe [1380352] =>PUP.CrossRider
[MD5.47811D50390A86A17102D7496E6EABB9] [SPRF][16/06/2015] (.Trend Micro Inc. - HijackThis.) -- C:\Users\DJILANI\Desktop\HijackThis.exe [388608]
O87 - FAEL: "{4DBB6848-83D9-473C-B966-84284E9A173F}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\DJILANI\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{A1490656-5CA0-411A-A4EB-FBF26983075B}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\DJILANI\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O90 - PUC: "D26545057425A600677A7A857BC0C110" . (.Ask Toolbar.) -- C:\Windows\Installer\{5054562D-5247-006A-76A7-A758B70C1C01}\ToolbarIcon.exe =>Toolbar.Ask
[MD5.3A71673A09138590C61CDAA158C117B5] [WIS][27/04/2015] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\b3e4fc.msi [516096] =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\amt_mystartsearch_RASAPI32 =>PUP.StartSearch
HKLM\SOFTWARE\Microsoft\Tracing\amt_mystartsearch_RASMANCS =>PUP.StartSearch
HKLM\SOFTWARE\Microsoft\Tracing\amt_oursurfing_RASAPI32 =>Hijacker.OurSurfing
HKLM\SOFTWARE\Microsoft\Tracing\amt_oursurfing_RASMANCS =>Hijacker.OurSurfing
HKLM\SOFTWARE\Microsoft\Tracing\ApnStub_RASAPI32 =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\ApnStub_RASMANCS =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 =>Toolbar.AskBar
HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS =>Toolbar.AskBar
HKLM\SOFTWARE\Microsoft\Tracing\Offercast2801_ARS__RASAPI32 =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\Offercast2801_ARS__RASMANCS =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASAPI32 =>PUP.WpManager
HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASMANCS =>PUP.WpManager
[HKCR\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7}] (Ask Toolbar) =>Toolbar.Ask
[HKCR\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] (LuckyTab Class) =>PUP.LuckyTab
[HKCR\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate
[HKCR\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate
SS - | Auto 25/11/2013 800536 | (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
SR - | Auto 20/05/2015 157824 | (IHProtect Service) . (.XTab system.) - C:\Program Files\XTab\ProtectService.exe =>Adware.AgentODR
SR - | Auto 10/06/2015 118048 | (iSafeService) . (.Elex do Brasil Participaç?es Ltda.) - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex
SR - | Auto 20/05/2015 602112 | (WindowsMangerProtect) . (.Windows SysTool.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7}] =>Toolbar.AskBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] =>PUP.LuckyTab^
[HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service] =>Adware.AgentODR^
[HKLM\SYSTEM\CurrentControlSet\Services\iSafeService] =>PUP.Elex^
[HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI] =>PUA.KMSpico^
[HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5054562D-5247-006A-76A7-A758B70C1C01}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV16.03] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1] =>PUA.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe] =>PUP.Elex^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall] =>PUP.StartSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall] =>Hijacker.OurSurfing^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon] =>Toolbar.AskBar^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.BitTorrent^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{5054562D-5247-006A-76A7-7A786E7484D7} =>Toolbar.AskBar^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\extensions\fftoolbar2014@etech.com =>Adware.FFToolBar^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\extensions\quick_searchff@gmail.com =>PUP.QuickSearch^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\extensions\searchengine@gmail.com =>PUP.SearchEngine^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\extensions\sweetsearch@gmail.com =>PUP.SearchEngine^
C:\Program Files\AskPartnerNetwork =>Toolbar.AskBar^
C:\Program Files\CinemaP-1.9cV16.03 =>PUP.CrossRider^
C:\Program Files\Elex-tech =>PUP.Elex^
C:\Program Files\KMSpico =>PUA.KMSpico^
C:\ProgramData\AskPartnerNetwork =>Toolbar.AskBar^
C:\ProgramData\IHProtectUpDate =>Adware.AgentODR^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico^
C:\Users\DJILANI\AppData\Roaming\Elex-tech =>PUP.Elex^
C:\Users\DJILANI\AppData\Roaming\oursurfing =>Hijacker.OurSurfing^
C:\Users\DJILANI\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\DJILANI\AppData\Local\AskPartnerNetwork =>Toolbar.AskBar^
C:\Users\DJILANI\AppData\Local\globalUpdate =>PUP.GlobalUpdate^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow^
C:\Program Files\Elex-tech\YAC\iSafeTray.exe =>PUP.Elex^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe =>PUP.CrossRider^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\Extensions\fftoolbar2014@etech.com =>Adware.FFToolBar^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\Extensions\quick_searchff@gmail.com =>PUP.QuickSearch^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\Extensions\sweetsearch@gmail.com =>PUP.SweetSearch^
C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico^
C:\Users\DJILANI\AppData\Roaming\BYAIAMUF.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe =>PUP.CrossRider^
C:\Users\DJILANI\AppData\Roaming\GNOK.exe =>PUP.CrossRider^
C:\Windows\Tasks\BYAIAMUF.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\BYAIAMUF =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 =>PUP.CrossRider^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.GlobalUpdate^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.GlobalUpdate^
C:\Windows\Tasks\GNOK.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\GNOK =>PUP.CrossRider^
C:\Windows\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 =>PUP.CrossRider^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\CinemaP-1.9cV16.03-nv-ie] =>PUP.CrossRider^
[HKCU\Software\CinemaP-1.9cV16.03-nv] =>PUP.CrossRider^
[HKCU\Software\CinemaP-1.9cV16.03] =>PUP.CrossRider^
[HKCU\Software\SearchProtectWS] =>PUP.SearchProtect^
[HKCU\Software\SimplyTech] =>PUP.SimplyTech^
[HKCU\Software\TNT2] =>Adware.TidyNetwork^
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\156eacdc-6be3-484e-958c-b1950c01381c] =>PUP.CrossRider^
[HKLM\Software\CinemaP-1.9cV16.03-nv-ie] =>PUP.CrossRider^
[HKLM\Software\CinemaP-1.9cV16.03-nv] =>PUP.CrossRider^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Elex-tech] =>PUP.Elex^
[HKLM\Software\FFPluginHp] =>PUP.SweetSearch^
[HKLM\Software\GlobalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\IHProtect] =>Adware.AgentODR^
[HKLM\Software\SupDp] =>PUP.SupTab^
[HKLM\Software\oursurfingSoftware] =>Hijacker.OurSurfing^
[HKLM\Software\supTab] =>PUP.SupTab^
[HKLM\Software\supWindowsMangerProtect] =>PUP.Fuyu^
C:\Windows\Installer\b3e4fc.msi =>Toolbar.Ask^
[HKCR\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7}] (Ask Toolbar) =>Toolbar.Ask^
[HKCR\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] (LuckyTab Class) =>PUP.LuckyTab^
[HKCR\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate^
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate^
[HKCR\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate^
FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: Modified =>PUA.StartShow
[MD5.0FAB06AF673FF112A8F3B0765DE9ACC5] - (.Elex do Brasil Participaç?es Ltda - YACTray.) -- C:\Program Files\Elex-tech\YAC\iSafeTray.exe [368000] [PID.3092] =>PUP.Elex
G2 - EXT: C:\Users\DJILANI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaahnibljmklpljnbpgfobmfpfhplch [Ask Toolbar] =>Toolbar.Ask
G2 - EXT: C:\Users\DJILANI\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb [CinemaP-1.9cV16.03] =>PUP.CrossRider
M3 - MFPP: Plugins - [DJILANI] -- C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\searchplugins\delta-homes.xml =>Hijacker.DeltaHomes
M2 - MFEP: prefs.js [DJILANI - hbdjvkry.default-1422379215343\fftoolbar2014@etech.com] [] FF Toolbar v1.0.0.1025 (..) =>Adware.FFToolBar
M2 - MFEP: prefs.js [DJILANI - hbdjvkry.default-1422379215343\quick_searchff@gmail.com] [] QuickSearch v1.0.0.1025 (..) =>PUP.QuickSearch
M2 - MFEP: prefs.js [DJILANI - hbdjvkry.default-1422379215343\searchengine@gmail.com] [] Search Enginer v1.0.0.1027 (..) =>PUP.SearchEngine
M2 - MFEP: prefs.js [DJILANI - hbdjvkry.default-1422379215343\sweetsearch@gmail.com] [] Search Enginer v1.0.0.1031 (..) =>PUP.SearchEngine
M2 - MFEP: Extension [DJILANI - hbdjvkry.default-1422379215343] fftoolbar2014@etech.com =>Adware.FFToolBar
M2 - MFEP: Extension [DJILANI - hbdjvkry.default-1422379215343] quick_searchff@gmail.com =>PUP.QuickSearch
M2 - MFEP: Extension [DJILANI - hbdjvkry.default-1422379215343] sweetsearch@gmail.com =>PUP.SweetSearch
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com =>PUP.V9Software
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com =>PUP.V9Software
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com =>PUP.V9Software
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com =>PUP.V9Software
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com =>Hijacker.OurSurfing
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} . (.IvoSoft - Adds classic Windows Explorer features.) -- C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Ask Toolbar BHO - {5054562D-5247-006A-76A7-7A786E7484D7} . (...) -- "C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll" (.not file.) =>Toolbar.AskBar
O2 - BHO: LuckyTab Class - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files\XTab\SupTab.dll =>PUP.LuckyTab
O3 - Toolbar: Ask Toolbar - [HKLM]{5054562D-5247-006A-76A7-7A786E7484D7} . (...) -- C:\Program Files\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll =>Toolbar.AskBar
O4 - GS\Program [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe http://www.oursurfing.com =>Hijacker.OurSurfing
O4 - GS\QuickLaunch [DJILANI]: Chrome.LNK . (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\DJILANI\Local Settings\Applic~1\Google\Chrome\Application\chrome.exe http://sweets-pages.com =>Hijacker.Browsers
O4 - GS\QuickLaunch [DJILANI]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\DJILANI\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\SystemTools [DJILANI]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com =>Hijacker.OurSurfing
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files\XTab\ProtectService.exe =>Adware.AgentODR
O23 - Service: YAC Service (iSafeService) . (.Elex do Brasil Participaç?es Ltda - iSafeSvc.) - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex
O23 - Service: Service KMSELDI (Service KMSELDI) . (.No owner - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Windows SysTool - Windows SysTool.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[MD5.CA189CB28ED318B44A2A89F0B35B1831] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [801048] =>PUA.KMSpico
[MD5.877759FE37E2EED150C792006B342BC3] [APT] [BYAIAMUF] (.Cinema PlusV16.03.) -- C:\Users\DJILANI\AppData\Roaming\BYAIAMUF.exe [2035200] =>PUP.CrossRider
[MD5.B23B61AF1349EAB73480714042C21518] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe [1408512] =>PUP.CrossRider
[MD5.1B3B0B7E6E8E4E8122A885C5ED460360] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe [1127424] =>PUP.CrossRider
[MD5.F8C3B8761686BCBC80ACDB6A5317702B] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe [1480192] =>PUP.CrossRider
[MD5.3D5758641084D02C8EA0308945D8CF20] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-5] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe [1190400] =>PUP.CrossRider
[MD5.3D5758641084D02C8EA0308945D8CF20] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe [1190400] =>PUP.CrossRider
[MD5.BA093B0EFDC06A2029E61123F8772AFA] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-6] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe [1474560] =>PUP.CrossRider
[MD5.1B3B0B7E6E8E4E8122A885C5ED460360] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-7] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe [1127424] =>PUP.CrossRider
[MD5.1C7FF4BFACDDD04E3504DCB1BA5987ED] [APT] [e653cf25-f107-4cbe-b8d1-5dadaea354f2-4] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.exe [1380352] =>PUP.CrossRider
[MD5.1C7FF4BFACDDD04E3504DCB1BA5987ED] [APT] [GNOK] (.Cinema PlusV16.03.) -- C:\Users\DJILANI\AppData\Roaming\GNOK.exe [1380352] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [globalUpdateUpdateTaskMachineUA] (...) -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (.not file.) [0] =>PUP.GlobalUpdate
[MD5.B23B61AF1349EAB73480714042C21518] [APT] [temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6] (.Cinema PlusV16.03.) -- C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe [1408512] =>PUP.CrossRider
O39 - APT: BYAIAMUF - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\BYAIAMUF.job [1694] =>PUP.CrossRider
O39 - APT: BYAIAMUF - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\BYAIAMUF [1694] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job [3124] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 [3124] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job [3460] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 [3460] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job [2098] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user [2098] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-11 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.job [5170] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-11 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11 [5170] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job [4144] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 [4144] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-4 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.job [4480] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-4 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4 [4480] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job [2432] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 [2432] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job [2432] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user [2432] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job [5504] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 [5504] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job [5168] =>PUP.CrossRider
O39 - APT: e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 [5168] =>PUP.CrossRider
O39 - APT: globalUpdateUpdateTaskMachineCore - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [962] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineCore - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [962] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [966] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [966] =>PUP.GlobalUpdate
O39 - APT: GNOK - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\GNOK.job [1342] =>PUP.CrossRider
O39 - APT: GNOK - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\GNOK [1342] =>PUP.CrossRide
O39 - APT: temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 - (.Cinema PlusV16.03.) -- C:\Windows\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job [3028] =>PUP.CrossRider
O39 - APT: temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 - (.Cinema PlusV16.03.) -- C:\Windows\System32\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 [3028] =>PUP.CrossRider
O41 - Driver: (iSafeKrnl) . (.Elex do Brasil Participaç?es Ltda - iSafe Kernel Driver.) - C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlKit) . (.Elex do Brasil Participaç?es Ltda - iSafe Kernel Kit Driver.) - C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlMon) . (.Elex do Brasil Participaç?es Ltda - YAC Monitor Driver.) - C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys =>PUP.Elex
O41 - Driver: (iSafeKrnlR3) . (.Elex do Brasil Participaç?es Ltda - iSafe Kernel Ring3 Driver.) - C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys =>PUP.Elex
O41 - Driver: (iSafeNetFilter) . (.Elex do Brasil Participaç?es Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\DRIVERS\iSafeNetFilter.sys =>PUP.Elex
O41 - Driver: (MpKslbe06fdc1) . (. - .) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{169EE578-0042-4058-A660-30161E456245}\MpKslbe06fdc1.sys (.not file.)
O41 - Driver: (eamonm) . (. - .) - C:\Windows\System32\DRIVERS\eamonm.sys (.not file.)
O41 - Driver: (ehdrv) . (. - .) - C:\Windows\System32\DRIVERS\ehdrv.sys (.not file.)
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM] -- {5054562D-5247-006A-76A7-A758B70C1C01} =>Toolbar.Ask
O42 - Logiciel: YAC(Yet Another Cleaner!) - (.ELEX DO BRASIL PARTICIPAC?ES LTDA.) [HKLM] -- iSafe =>PUP.Elex
O42 - Logiciel: mystartsearch uninstall - (.mystartsearch.) [HKLM] -- mystartsearch uninstall =>PUP.StartSearch
O42 - Logiciel: oursurfing uninstall - (.oursurfing.) [HKLM] -- oursurfing uninstall =>Hijacker.OurSurfing
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>P2P.BitTorrent
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\CinemaP-1.9cV16.03-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaP-1.9cV16.03-nv] =>PUP.CrossRider
[HKCU\Software\CinemaP-1.9cV16.03] =>PUP.CrossRider
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\SearchProtectWS] =>PUP.SearchProtect
[HKCU\Software\SimplyTech] =>PUP.SimplyTech
[HKCU\Software\TNT2] =>Adware.TidyNetwork
[HKLM\Software\156eacdc-6be3-484e-958c-b1950c01381c] =>PUP.CrossRider
[HKLM\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKLM\Software\CinemaP-1.9cV16.03-nv-ie] =>PUP.CrossRider
[HKLM\Software\CinemaP-1.9cV16.03-nv] =>PUP.CrossRider
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Elex-tech] =>PUP.Elex
[HKLM\Software\FFPluginHp] =>PUP.SweetSearch
[HKLM\Software\GlobalUpdate] =>PUP.GlobalUpdate
[HKLM\Software\IHProtect] =>Adware.AgentODR
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\SupDp] =>PUP.SupTab
[HKLM\Software\oursurfingSoftware] =>Hijacker.OurSurfing
[HKLM\Software\supWindowsMangerProtect] =>PUP.Fuyu
O43 - CFD: 20/05/2015 - 22:41:06 - [] ----D C:\Program Files\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 14/05/2015 - 15:07:54 - [] ----D C:\Program Files\CinemaP-1.9cV16.03 =>PUP.CrossRider
O43 - CFD: 11/06/2015 - 10:02:18 - [] ----D C:\Program Files\Elex-tech =>PUP.Elex
O43 - CFD: 03/04/2015 - 13:41:12 - [] ----D C:\Program Files\KMSpico =>PUA.KMSpico
O43 - CFD: 26/09/2014 - 21:24:57 - [] ----D C:\ProgramData\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 27/02/2015 - 18:50:38 - [] ----D C:\ProgramData\IHProtectUpDate =>Adware.AgentODR
O43 - CFD: 20/05/2015 - 22:40:54 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 03/04/2015 - 13:41:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico
O43 - CFD: 11/06/2015 - 10:02:17 - [] ----D C:\Users\DJILANI\AppData\Roaming\Elex-tech =>PUP.Elex
O43 - CFD: 14/05/2015 - 15:01:53 - [] ----D C:\Users\DJILANI\AppData\Roaming\oursurfing =>Hijacker.OurSurfing
O43 - CFD: 16/06/2015 - 08:24:53 - [] ----D C:\Users\DJILANI\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 26/09/2014 - 21:25:02 - [] ----D C:\Users\DJILANI\AppData\Local\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 14/05/2015 - 15:05:23 - [] ----D C:\Users\DJILANI\AppData\Local\globalUpdate =>PUP.GlobalUpdate
O44 - LFC:[MD5.A365032F4D58E9A66D231B49A6975A9E] - 11/06/2015 - 10:02:51 ---A- . (.Elex do Brasil Participaç?es Ltda - iSafeNetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\iSafeNetFilter.sys [44712] =>PUP.Elex
O51 - MPSK:{1af2216c-1ef8-11e4-9046-fdba7ed70ed2}\AutoRun\command. (...) -- H:\autorun.exe (.not file.)
O51 - MPSK:{1af22190-1ef8-11e4-9046-c96e18626587}\AutoRun\command. (...) -- J:\setup.exe (.not file.)
O51 - MPSK:{2bcc968a-3840-11e4-9e90-7c0507055c06}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{2bcc9697-3840-11e4-9e90-7c0507055c06}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{65f1d644-368a-11e4-bea2-7c0507055c06}\AutoRun\command. (...) -- F:\SETUP.exe (.not file.)
O51 - MPSK:{7280e4c7-f95a-11e4-939f-7c0507055c06}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9e5dd423-ed7f-11e4-bc50-7c0507055c06}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)
O51 - MPSK:{a51bf5a7-57ba-11e4-ad4e-7c0507055c06}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{d962e60e-3fb6-11e4-9497-2cd05a555863}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{eaab4c0f-6bd8-11e4-8121-7c0507055c06}\AutoRun\command. (...) -- F:\Startme.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\DJILANI\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O61 - LFC: 13/06/2015 - 14:06:03 ---A- . (.FromDocToPDF.) -- C:\Users\DJILANI\Downloads\FromDocToPDFSetup2.5.15.15.^Y6^man000^YYA^ (1).exe [5970256] =>PUP.MindSpark
O61 - LFC: 13/06/2015 - 14:06:03 ---A- . (.FromDocToPDF.) -- C:\Users\DJILANI\Downloads\FromDocToPDFSetup2.5.15.15.^Y6^man000^YYA^ (2).exe [5970256] =>PUP.MindSpark
O61 - LFC: 13/06/2015 - 14:06:03 ---A- . (.FromDocToPDF.) -- C:\Users\DJILANI\Downloads\FromDocToPDFSetup2.5.15.15.^Y6^man000^YYA^ (4).exe [5970256] =>PUP.MindSpark
O61 - LFC: 13/06/2015 - 14:06:04 ---A- . (.FromDocToPDF.) -- C:\Users\DJILANI\Downloads\FromDocToPDFSetup2.5.15.15.^Y6^man000^YYA^.exe [5970256] =>PUP.MindSpark
O61 - LFC: 16/06/2015 - 14:06:03 ---A- . (.Trend Micro Inc..) -- C:\Users\DJILANI\Desktop\HijackThis.exe [388608]
O69 - SBI: prefs.js [DJILANI - hbdjvkry.default-1422379215343] user_pref("extensions.crossrider.bic", "14d52c1b1e4b5385e472817f10b99fac"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://do-search.com =>PUP.DoSearches
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://do-search.com =>PUP.DoSearches
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (oursurfing) - http://do-search.com =>PUP.DoSearches
O69 - SBI: SearchScopes [HKCU] {3A40E547-20FD-44a2-94D0-1C98342D1507} - (Daum) - http://do-search.com =>PUP.DoSearches
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://do-search.com =>PUP.DoSearches
C:\Users\DJILANI\AppData\Roaming\uTorrent\Fine Print PDF MAKER + Keygen.rar.torrent =>.Crack,Keygen
C:\Users\DJILANI\AppData\Roaming\uTorrent\Fine Print PDF MAKER + Keygen.rar.torrent =>.Crack,Keygen
[MD5.877759FE37E2EED150C792006B342BC3] [SPRF][14/05/2015] (.Cinema PlusV16.03 - CinemaP-1.9cV16.03 exe.) -- C:\Users\DJILANI\AppData\Roaming\BYAIAMUF.exe [2035200] =>PUP.CrossRider
[MD5.FB1A8421E929D33E99E42FA677ADE32C] [SPRF][08/08/2014] (...) -- C:\Users\DJILANI\AppData\Roaming\DJILANIlog.dat [42485]
[MD5.1C7FF4BFACDDD04E3504DCB1BA5987ED] [SPRF][14/05/2015] (.Cinema PlusV16.03 - CinemaP-1.9cV16.03 exe.) -- C:\Users\DJILANI\AppData\Roaming\GNOK.exe [1380352] =>PUP.CrossRider
[MD5.47811D50390A86A17102D7496E6EABB9] [SPRF][16/06/2015] (.Trend Micro Inc. - HijackThis.) -- C:\Users\DJILANI\Desktop\HijackThis.exe [388608]
O87 - FAEL: "{4DBB6848-83D9-473C-B966-84284E9A173F}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\DJILANI\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{A1490656-5CA0-411A-A4EB-FBF26983075B}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\DJILANI\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O90 - PUC: "D26545057425A600677A7A857BC0C110" . (.Ask Toolbar.) -- C:\Windows\Installer\{5054562D-5247-006A-76A7-A758B70C1C01}\ToolbarIcon.exe =>Toolbar.Ask
[MD5.3A71673A09138590C61CDAA158C117B5] [WIS][27/04/2015] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\b3e4fc.msi [516096] =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\amt_mystartsearch_RASAPI32 =>PUP.StartSearch
HKLM\SOFTWARE\Microsoft\Tracing\amt_mystartsearch_RASMANCS =>PUP.StartSearch
HKLM\SOFTWARE\Microsoft\Tracing\amt_oursurfing_RASAPI32 =>Hijacker.OurSurfing
HKLM\SOFTWARE\Microsoft\Tracing\amt_oursurfing_RASMANCS =>Hijacker.OurSurfing
HKLM\SOFTWARE\Microsoft\Tracing\ApnStub_RASAPI32 =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\ApnStub_RASMANCS =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 =>Toolbar.AskBar
HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS =>Toolbar.AskBar
HKLM\SOFTWARE\Microsoft\Tracing\Offercast2801_ARS__RASAPI32 =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\Offercast2801_ARS__RASMANCS =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASAPI32 =>PUP.WpManager
HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASMANCS =>PUP.WpManager
[HKCR\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7}] (Ask Toolbar) =>Toolbar.Ask
[HKCR\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] (LuckyTab Class) =>PUP.LuckyTab
[HKCR\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate
[HKCR\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate
SS - | Auto 25/11/2013 800536 | (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
SR - | Auto 20/05/2015 157824 | (IHProtect Service) . (.XTab system.) - C:\Program Files\XTab\ProtectService.exe =>Adware.AgentODR
SR - | Auto 10/06/2015 118048 | (iSafeService) . (.Elex do Brasil Participaç?es Ltda.) - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe =>PUP.Elex
SR - | Auto 20/05/2015 602112 | (WindowsMangerProtect) . (.Windows SysTool.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7}] =>Toolbar.AskBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] =>PUP.LuckyTab^
[HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service] =>Adware.AgentODR^
[HKLM\SYSTEM\CurrentControlSet\Services\iSafeService] =>PUP.Elex^
[HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI] =>PUA.KMSpico^
[HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5054562D-5247-006A-76A7-A758B70C1C01}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV16.03] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1] =>PUA.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe] =>PUP.Elex^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall] =>PUP.StartSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall] =>Hijacker.OurSurfing^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon] =>Toolbar.AskBar^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.BitTorrent^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{5054562D-5247-006A-76A7-7A786E7484D7} =>Toolbar.AskBar^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\extensions\fftoolbar2014@etech.com =>Adware.FFToolBar^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\extensions\quick_searchff@gmail.com =>PUP.QuickSearch^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\extensions\searchengine@gmail.com =>PUP.SearchEngine^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\extensions\sweetsearch@gmail.com =>PUP.SearchEngine^
C:\Program Files\AskPartnerNetwork =>Toolbar.AskBar^
C:\Program Files\CinemaP-1.9cV16.03 =>PUP.CrossRider^
C:\Program Files\Elex-tech =>PUP.Elex^
C:\Program Files\KMSpico =>PUA.KMSpico^
C:\ProgramData\AskPartnerNetwork =>Toolbar.AskBar^
C:\ProgramData\IHProtectUpDate =>Adware.AgentODR^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico^
C:\Users\DJILANI\AppData\Roaming\Elex-tech =>PUP.Elex^
C:\Users\DJILANI\AppData\Roaming\oursurfing =>Hijacker.OurSurfing^
C:\Users\DJILANI\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\DJILANI\AppData\Local\AskPartnerNetwork =>Toolbar.AskBar^
C:\Users\DJILANI\AppData\Local\globalUpdate =>PUP.GlobalUpdate^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow^
C:\Program Files\Elex-tech\YAC\iSafeTray.exe =>PUP.Elex^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe =>PUP.CrossRider^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\Extensions\fftoolbar2014@etech.com =>Adware.FFToolBar^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\Extensions\quick_searchff@gmail.com =>PUP.QuickSearch^
C:\Users\DJILANI\AppData\Roaming\Mozilla\Firefox\Profiles\hbdjvkry.default-1422379215343\Extensions\sweetsearch@gmail.com =>PUP.SweetSearch^
C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico^
C:\Users\DJILANI\AppData\Roaming\BYAIAMUF.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe =>PUP.CrossRider^
C:\Program Files\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe =>PUP.CrossRider^
C:\Users\DJILANI\AppData\Roaming\GNOK.exe =>PUP.CrossRider^
C:\Windows\Tasks\BYAIAMUF.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\BYAIAMUF =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-4 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 =>PUP.CrossRider^
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 =>PUP.CrossRider^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.GlobalUpdate^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.GlobalUpdate^
C:\Windows\Tasks\GNOK.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\GNOK =>PUP.CrossRider^
C:\Windows\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\temp_e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 =>PUP.CrossRider^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\CinemaP-1.9cV16.03-nv-ie] =>PUP.CrossRider^
[HKCU\Software\CinemaP-1.9cV16.03-nv] =>PUP.CrossRider^
[HKCU\Software\CinemaP-1.9cV16.03] =>PUP.CrossRider^
[HKCU\Software\SearchProtectWS] =>PUP.SearchProtect^
[HKCU\Software\SimplyTech] =>PUP.SimplyTech^
[HKCU\Software\TNT2] =>Adware.TidyNetwork^
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\156eacdc-6be3-484e-958c-b1950c01381c] =>PUP.CrossRider^
[HKLM\Software\CinemaP-1.9cV16.03-nv-ie] =>PUP.CrossRider^
[HKLM\Software\CinemaP-1.9cV16.03-nv] =>PUP.CrossRider^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Elex-tech] =>PUP.Elex^
[HKLM\Software\FFPluginHp] =>PUP.SweetSearch^
[HKLM\Software\GlobalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\IHProtect] =>Adware.AgentODR^
[HKLM\Software\SupDp] =>PUP.SupTab^
[HKLM\Software\oursurfingSoftware] =>Hijacker.OurSurfing^
[HKLM\Software\supTab] =>PUP.SupTab^
[HKLM\Software\supWindowsMangerProtect] =>PUP.Fuyu^
C:\Windows\Installer\b3e4fc.msi =>Toolbar.Ask^
[HKCR\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7}] (Ask Toolbar) =>Toolbar.Ask^
[HKCR\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] (LuckyTab Class) =>PUP.LuckyTab^
[HKCR\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate^
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate^
[HKCR\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate^
FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore