~ Rapport de ZHPDiag v2015.4.17.39 - Nicolas Coolman (17/04/2015) ~ Lancé par user (19/07/2015 14:02:49) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Nouvelle version disponible ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17239 GCIE: Google Chrome v43.0.2357.134 ---\\ Informations sur les produits Windows ~ Langage: Français Windows Server License Manager Script : OK ~ Windows Operating System - Windows(R) 7, OEM_COA_SLP channel Windows ID Activation : OK ~ Windows Partial Key : KC399 Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ Logiciels de protection du système Malwarebytes Anti-Malware version 2.1.8.1057 Microsoft Security Client FR-FR Language Pack v2.1.1116.0 Windows Defender W7 (Deactivate) ---\\ Logiciels d'optimisation du système CCleaner v5.07 ---\\ Logiciels de partage PeerToPeer µTorrent v3.1.3 =>P2P.µTorrent ---\\ Surveillance de Logiciels Adobe Flash Player 18 PPAPI Adobe Reader XI Java 7 Update 6 (64-bit) ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 1972 MB (16% free) System Restore: Activé (Enable) System drive C: has 55 GB (36%) free of 149 GB ---\\ Mode de connexion au système ~ Computer Name: USER-PC ~ User Name: user ~ All Users Names: user, HomeGroupUser$, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\user\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\user\AppData\Roaming\ ~ 
%Desktop% : C:\Users\user\Desktop\ ~ %Favorites% : C:\Users\user\Favorites\ ~ %LocalAppData% : C:\Users\user\AppData\Local\ ~ %StartMenu% : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 55 Go of 149 Go) D: Hard drive, Flash drive, Thumb drive (Free 422 Go of 426 Go) E: CD-ROM drive (Not Inserted) F: Floppy drive, Flash card reader, USB Key (Free 7 Go of 8 Go) Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified ~ Security Center: 46 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.8E71A5CB5312B8392D4DA4CA37BB5868] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/07/2014 - 11:52:06.) -- C:\Windows\System32\wininet.dll [2266624] [MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) 
-- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) 
-- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/104 ~ Mes musiques (My Musics) : 1/2 ~ Mes Videos (My Videos) : 2/3 ~ Mes Favoris (My Favorites) : 1/53 ~ Mes Documents (My Documents) : 1/453 ~ Mon Bureau (My Desktop) : 2/24 ~ Menu demarrer (Programs) : 1/66 ~ Hidden Files: Scanned in 00mn 05s ---\\ Processus lancés [MD5.7ED5CE2876D1A3BA999D3069C3DE27DF] - (...) -- C:\Program Files\shopperz12072015\Bzvra.exe [433512] [PID.2568] =>PUP.Shopperz [MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768] [PID.5264] [MD5.868E3486E7EC522330344152A5535783] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720] [PID.5744] [MD5.B55C0C526EB542F00B355B4C1FE8F7FE] - (.WiseCleaner.com - Wise Care 365 Tray.) -- C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [1790088] [PID.5900] [MD5.A391896CD406E6377F5CEF31FDC12019] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\SysWOW64\ACEngSvr.exe [155648] [PID.6036] [MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.4448] [MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) 
-- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.6388] [MD5.0DE6521016CAE929552DD557979E196C] - (.SearchProtect - CmdShell.exe.) -- C:\Program Files (x86)\MiuiTab\cmdshell.exe [29368] [PID.6828] =>PUP.SearchProtect [MD5.6757AE0AEF209273A31C4F820ADB625E] - (...) -- C:\Users\user\AppData\Local\gmsd_fr_004010022\upgmsd_fr_004010022.exe [3565736] [PID.2928] =>PUP.CrossRider [MD5.4F9236BE13917B89F7A03DEA85F220FA] - (.Pas de propriétaire - WebPlayer.) -- C:\Users\user\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752] [PID.3520] =>PUP.CrossRider [MD5.A092258F26296C791D982E83814685BD] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144] [PID.3348] [MD5.D98BC64645C2DAEDC1E79B4CCCCBBC8E] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624] [PID.5636] [MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.5648] [MD5.AF43C4F7F3C8BC95DAD95024F96CDC4A] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe [421888] [PID.4012] [MD5.6BCFCFA512A003A8043CF2F370B0B479] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440] [PID.3020] =>PUP.CrossBrowse [MD5.153F088DFDB3F940AD9DAEB04A3ACC4D] - (.SoftBrain Technologies Ltd. - SmartWeb helper.) -- C:\Users\user\AppData\Local\SmartWeb\SmartWebHelper.exe [270368] [PID.7008] =>PUP.SmartWeb [MD5.D277312BB46D0B006129E687F6592485] - (...) -- C:\Program Files (x86)\gmsd_fr_005010033\gmsd_fr_005010033.exe [3984528] [PID.3308] =>PUP.CrossRider [MD5.6D2E074D5587B4CCCE6784A8D6826A02] - (...) -- C:\Program Files (x86)\gmsd_fr_005010034\gmsd_fr_005010034.exe [3983504] [PID.7608] =>PUP.CrossRider [MD5.44069C2AC699C8DAD80A96FB1C8DFE57] - (.SoftBrain Technologies Ltd. - SmartWeb Application.) 
-- C:\Users\user\AppData\Local\SmartWeb\SmartWebApp.exe [557088] [PID.5972] =>PUP.SmartWeb [MD5.84B5D5396472C76E2DC550F4401EA233] - (.XTab system - SupHPNot.exe.) -- C:\Program Files (x86)\MiuiTab\HPNotify.exe [673976] [PID.3464] [MD5.F9A826468F3E840A3CE946361DF3CDD9] - (.InstallMoon - GoHD exe.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-10.exe [1285200] [PID.4464] =>PUP.CrossRider [MD5.62A3B7A12578B3B595253342B982BDA7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8198144] [PID.5316] [MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1444] [MD5.7910158929571214A959D5A6D16DD9C0] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1504] [MD5.02D55E3F5B153F99B3743A69B95BFA52] - (.DTools LIMITED - Windows DTools.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [707240] [PID.1584] =>PUP.Fuyu [MD5.DA71D6A66ECD0E1390A1742E6D39FA2D] - (.PublicZBrowser - Br0wsrApVs4.1 exe.) -- C:\Program Files (x86)\Br0wsrApVs4.1\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-6.exe [1482240] [PID.1940] [MD5.84872994728D3F95E92A84798254C413] - (.InstallMoon - GoHD exe.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-1-6.exe [1365072] [PID.1196] =>PUP.CrossRider [MD5.6388FAAF18592E3C95C500AA6AF8CB05] - (.PublicZBrowser - Br0wsrApVs4.1 exe.) -- C:\Program Files (x86)\Br0wsrApVs4.1\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-6.exe [1544192] [PID.2152] [MD5.B7047394BDF33DF77EE040825961CADF] - (...) -- C:\Program Files\shopperz12072015\Igivkorcb.exe [285544] [PID.2468] =>PUP.Shopperz [MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.2560] [MD5.FECA9F830A5C6BAB9978E6781A26AE2B] - (.Microsoft Corporation - Updates Skype Click to Call.) 
-- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816] [PID.2612] [MD5.BA9E50427D109F787E08798F15B58ECF] - (.Lid - App Lid exe.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-1-6.exe [1337344] [PID.2804] [MD5.5B33709F7FE59BB625F113EED86AFC5C] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672] [PID.3456] [MD5.5DB48EB77F54B5B5597ED118341FF136] - (.InstallMonetizer - Shop and Save Up exe.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-1-6.exe [1332704] [PID.3816] [MD5.9E1903186D742C66743A142BE848E253] - (.InstallMonetizer - Shop and Save Up exe.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-6.exe [1275872] [PID.4424] [MD5.BB46A799524BC90BABDC165CC2C5E9EB] - (.BrowserV14.07 - BrowserV14.07 exe.) -- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-6.exe [1548880] [PID.4456] [MD5.7EE5DCE6393CF45C6761EEA608ADFED1] - (.InstallMoon - GoHD exe.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-6.exe [1312848] [PID.4496] =>PUP.CrossRider [MD5.A8FC6C26CE25B0DF4EC698F5092AAE9D] - (.Lid - App Lid exe.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-6.exe [1414144] [PID.4508] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.4916] [MD5.EBDE31F7CCFCBC5E73F067AF033009BD] - (.BrowserV14.07 - BrowserV14.07 exe.) -- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-6.exe [1573456] [PID.5076] [MD5.F665EE65E60513C59E2ADBEF33989AB1] - (.ClaraLabs - ClaraUpdater.) -- C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe [926832] [PID.6712] =>Adware.SupTab [MD5.28A053EA1B32E50871ED66D852AD3D31] - (...) 
-- C:\Program Files\shopperz12072015\csrcc.exe [1448808] [PID.7096] =>PUP.Shopperz [MD5.E9E2DC4B14F2A20046683E2B699BA79C] - (.XTab system - ProtectSvc.exe.) -- C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112] [PID.4956] [MD5.A1C148801B4AF64847AEB9F3AD9594EF] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144] [PID.6848] [MD5.8FACA99726EEAD0E06F9907C43285FBE] - (...) -- C:\Program Files\shopperz12072015\ZazyjiKotn.exe [171920] [PID.3896] =>PUP.Shopperz [MD5.301E3FDFCF33640BB8763BA444BC5093] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.3792] [MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.7696] [MD5.D8F886869FCC669797457A473F341E7B] - (...) -- C:\Program Files\shopperz12072015\Xzeexmh.exe [174952] [PID.7736] =>PUP.Shopperz [MD5.1808C42D1C76DC2BAE860707605AD3F7] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [235624] [PID.7848] [MD5.A9A44226715526BAC2B78852F1E5EEE2] - (...) -- C:\Program Files (x86)\Coupoon\UpdateCheck.exe [53040] [PID.8484] [MD5.918C6F7D4C240FF4D9FBCB8937BD11C3] - (...) -- C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D\hnsqBB35.tmp [165376] [PID.8940] [MD5.C1D02A3EBECCBB3E59B7051E1CF3030E] - (...) -- C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D\knsr464E.tmp [264704] [PID.8984] [MD5.AF4B0666B17A599189219B85CE646A1E] - (...) -- C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe [1166336] [PID.9016] =>PUP.Wajam [MD5.9A41B9A1DF61CCD9447BE599BC99A092] - (.Irrational Number Applications - WebShield Service.) 
-- C:\ProgramData\MocULS\WQsFLW.exe [2732024] [PID.8408] [MD5.300DC0A697E6B9D1F8E517AE503092DB] - (.Word Surfer - Word Surfer Client Service.) -- C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe [299608] [PID.6332] [MD5.2B639342639296899D5488CFFC6914B7] - (...) -- C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D\jnsvA3DC.tmp [199168] [PID.8432] [MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.8424] [MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.9524] [MD5.EA1E08901C3FE217CFC15D5865424CA4] - (...) -- C:\Program Files\shopperz12072015\Cofvopjy.exe [2020864] [PID.692] =>PUP.Shopperz [MD5.FF433375868F7073663CACE39860F3B4] - (.Pas de propriétaire - CAUVM9.) -- C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancer.exe [275456] [PID.3560] =>PUP.Wajam [MD5.41118D920B2B268C0ADC36421248CDCF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240] [PID.3184] [MD5.BA4AFB391415A4620C5332861E87D6A1] - (...) -- C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe [471792] [PID.7480] =>PUP.DynamoCombo [MD5.BA4AFB391415A4620C5332861E87D6A1] - (...) 
-- C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe [471792] [PID.3064] =>PUP.DynamoCombo ~ Processes Running: Scanned in 00mn 09s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Liste des dossiers d'extension Google Chrome ~ Google Lines Browser: 9 Legitimates Filtered in 00mn 16s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M2 - MFEP: RegExtension {6C60F5D5-5222-36B2-BB03-CA55D8F47803} . (...) -- C:\Program Files (x86)\version66CheckMeUp\192.xpi =>PUP.CrossRider ~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50458;https=127.0.0.1:50458 =>Hijacker.Proxy R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (21) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: shopperz12072015 Helper [64Bits] - {c49ac435-5c4d-450f-aa56-cd31f96613b3} . (...) 
-- C:\Program Files\shopperz12072015\Eixrizl.dll =>PUP.Shopperz O2 - BHO: (no name) [64Bits] - {EFA7A511-B491-4312-BB35-4586B99E45ED} Clé orpheline ~ BHO: 5 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse O4 - GS\Desktop [Public]: FileOpener.lnk . (...) -- C:\Program Files (x86)\Tweaks\FileOpener\fileopener.exe =>Adware.InstallCore O4 - GS\Desktop [Public]: Yahoo Search.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe http://search.yahoo.com =>PUP.CrossBrowse O4 - GS\QuickLaunch [user]: BoBrowser.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser O4 - GS\QuickLaunch [user]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse O4 - GS\QuickLaunch [user]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent O4 - GS\TaskBar [user]: BoBrowser.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser O4 - GS\TaskBar [user]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse O4 - GS\TaskBar [user]: PC Speed Maximizer.lnk . (...) 
-- C:\Program Files (x86)\PC Speed Maximizer\PCSpeedMaximizer.exe (.not file.) =>PUP.PCSpeedMaximizer O4 - GS\Program [user]: Aide.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.chm =>PUP.ProbitSoftware O4 - GS\Program [user]: Easy Speed PC on the Web.lnk . (...) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\HomePage.url =>PUP.ProbitSoftware O4 - GS\Program [user]: Easy Speed PC.lnk . (.Probit Software LTD - Easy Speed PC.) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\EasySpeedPC.exe =>PUP.ProbitSoftware O4 - GS\Program [user]: Gameo.lnk . (...) -- C:\Users\user\AppData\Roaming\Gameo\gameo.exe =>PUP.Gameo O4 - GS\Program [user]: Uninstall.lnk . (.Probit Software LTD - Easy Speed PC.) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\uninstall.exe =>PUP.ProbitSoftware O4 - GS\Desktop [user]: Amazon.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe http://www.amazon.com =>PUP.BoBrowser O4 - GS\Desktop [user]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.AnyProtect O4 - GS\Desktop [user]: AppsHat.lnk . (...) -- C:\Users\user\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe =>PUP.CrossRider O4 - GS\Desktop [user]: BoBrowser.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser O4 - GS\Desktop [user]: Continue Live Installation.lnk . (...) -- C:\Users\user\AppData\Local\Temp\ICReinstall_nst9822.tmp \RR (.not file.) =>PUP.ContinueLiveInstallation O4 - GS\Desktop [user]: Facebook.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe http://www.facebook.com =>PUP.BoBrowser O4 - GS\Desktop [user]: Gameo.lnk . (...) -- C:\Users\user\AppData\Roaming\Gameo\gameo.exe =>PUP.Gameo O4 - GS\Desktop [user]: Hotmail.lnk . (.The BoBrowser Authors - BoBrowser.) 
-- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe http://www.hotmail.com =>PUP.BoBrowser O4 - GS\Desktop [user]: Live PC Help.lnk - Clé orpheline =>PUP.LivePCHelp O4 - GS\Desktop [user]: PC Speed Maximizer.lnk . (...) -- C:\Program Files (x86)\PC Speed Maximizer\PCSpeedMaximizer.exe (.not file.) =>PUP.PCSpeedMaximizer O4 - GS\Desktop [user]: Play Tribal Wars 2.lnk . (...) -- C:\Users\user\AppData\Roaming\Gameo\gameo.exe =>PUP.Gameo O4 - GS\Desktop [user]: Search.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe http://www.google.com =>PUP.BoBrowser O4 - GS\Desktop [user]: Wikipedia.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe http://www.wikipedia.org --location=1 =>PUP.BoBrowser O4 - GS\Desktop [user]: Youtube.lnk . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe http://www.youtube.com =>PUP.BoBrowser ~ Global Startup: 30 Legitimates Filtered in 00mn 35s ---\\ Applications lancées au démarrage du système (O4) O4 - GS\Startup [user]: crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [gpuminer] . (...) -- C:\Users\user\AppData\Roaming\cpuminer\sgminer\sgminer.cmd O4 - HKLM\..\Run: [cpuminer] . (...) -- C:\Windows\system32\cpuminer-gw64.exe O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_100535F106431A9BDA15E8895BE69FFB] . (.Crossbrowse - Crossbrowse.) 
-- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd O4 - HKCU\..\Run: [AppsHat] . (.Pas de propriétaire - WebPlayer.) -- C:\Users\user\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_004010022] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [rec_fr_47] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010031] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [SmartWeb] . (.SoftBrain Technologies Ltd. - SmartWeb helper.) -- C:\Users\user\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWeb O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010033] . (...) -- C:\Program Files (x86)\gmsd_fr_005010033\gmsd_fr_005010033.exe =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010034] . (...) -- C:\Program Files (x86)\gmsd_fr_005010034\gmsd_fr_005010034.exe =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\RunOnce: [Hahogusetamep] . (...) -- C:\Users\user\AppData\Local\449133a47ea3583b\Conukug.dat O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_fr_004010022.exe] . (...) 
-- C:\Users\user\AppData\Local\gmsd_fr_004010022\upgmsd_fr_004010022.exe =>PUP.CrossRider O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1296326609-3181093126-1469696485-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-1296326609-3181093126-1469696485-1000\..\Run: [GoogleChromeAutoLaunch_100535F106431A9BDA15E8895BE69FFB] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse O4 - HKUS\S-1-5-21-1296326609-3181093126-1469696485-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd O4 - HKUS\S-1-5-21-1296326609-3181093126-1469696485-1000\..\Run: [AppsHat] . (.Pas de propriétaire - WebPlayer.) 
-- C:\Users\user\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe =>PUP.CrossRider ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{07738AD2-385D-410B-A83C-7E012E19F459}: NameServer = 52.17.204.69,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 52.17.204.69,8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{07738AD2-385D-410B-A83C-7E012E19F459}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{07738AD2-385D-410B-A83C-7E012E19F459}: NameServer = 52.17.204.69,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 52.17.204.69,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{07738AD2-385D-410B-A83C-7E012E19F459}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{07738AD2-385D-410B-A83C-7E012E19F459}: NameServer = 52.17.204.69,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 52.17.204.69,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{07738AD2-385D-410B-A83C-7E012E19F459}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole 
additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: 46784c7a-2afb-4c2f-b299-133de9a46a66 (46784c7a-2afb-4c2f-b299-133de9a46a66) . (...) - C:\Program Files\shopperz12072015\Igivkorcb.exe =>PUP.Shopperz O23 - Service: OptimizerPro Monitoring (c31ed948) . (...) - c:\Program Files (x86)\Optimizer Pro 3.99\OptProMon.dll =>PUP.OptimizerPro O23 - Service: ClaraUpdater (ClaraUpdater) . (.ClaraLabs - ClaraUpdater.) - C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe =>Adware.SupTab O23 - Service: CoupoonService64 (CoupoonService64) . (...) - C:\Program Files (x86)\coupoon\iiwjljrnpc64.exe O23 - Service: csrcc (csrcc) . (...) - C:\Program Files\shopperz12072015\csrcc.exe =>PUP.Shopperz O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files (x86)\MiuiTab\ProtectService.exe =>Adware.AgentODR O23 - Service: LosdyLijfeu (LosdyLijfeu) . (...) - C:\Program Files\shopperz12072015\ZazyjiKotn.exe =>PUP.Shopperz O23 - Service: shopperz12072015 Updater (shopperz12072015 Updater) . (...) - C:\Program Files\shopperz12072015\Xzeexmh.exe =>PUP.Shopperz O23 - Service: Update Dynamo Combo (Update Dynamo Combo) . (...) - C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe =>PUP.DynamoCombo O23 - Service: UpdateCheck (UpdateCheck) . (...) - C:\Program Files (x86)\Coupoon\UpdateCheck.exe O23 - Service: Util Dynamo Combo (Util Dynamo Combo) . 
(...) - C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe =>PUP.DynamoCombo O23 - Service: Encyclopaedia Enter (vicoqudu) . (...) - C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D\hnsqBB35.tmp O23 - Service: Photocopier Operate (welyxosy) . (...) - C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D\knsr464E.tmp O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.DTools LIMITED - Windows DTools.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu O23 - Service: WInterEnhancer Service (WInterEnhancer Service) . (...) - C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe =>PUP.Wajam O23 - Service: Word Surfer 1.10.0.19 Client Service (wsasvc_1.10.0.19) . (.Word Surfer - Word Surfer Client Service.) - C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe O23 - Service: Typewriter High Resolution (zejytose) . (...) - C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D\jnsvA3DC.tmp ~ Services: 32 Legitimates Filtered in 00mn 16s ---\\ Tâches planifiées en automatique (O39) [MD5.6388FAAF18592E3C95C500AA6AF8CB05] [APT] [02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-6] (.PublicZBrowser.) -- C:\Program Files (x86)\Br0wsrApVs4.1\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-6.exe [1544192] [MD5.827A47F5E420DB6FA4F9877848DFC741] [APT] [02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-7] (.PublicZBrowser.) -- C:\Program Files (x86)\Br0wsrApVs4.1\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-7.exe [1143808] [MD5.1A481D19CA570FC5806DF6A5445ECB27] [APT] [02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5] (.PublicZBrowser.) -- C:\Program Files (x86)\Br0wsrApVs4.1\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5.exe [1207296] [MD5.1A481D19CA570FC5806DF6A5445ECB27] [APT] [02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5_user] (.PublicZBrowser.) 
-- C:\Program Files (x86)\Br0wsrApVs4.1\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5.exe [1207296] [MD5.DA71D6A66ECD0E1390A1742E6D39FA2D] [APT] [02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-6] (.PublicZBrowser.) -- C:\Program Files (x86)\Br0wsrApVs4.1\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-6.exe [1482240] [MD5.827A47F5E420DB6FA4F9877848DFC741] [APT] [02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-7] (.PublicZBrowser.) -- C:\Program Files (x86)\Br0wsrApVs4.1\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-7.exe [1143808] [MD5.84872994728D3F95E92A84798254C413] [APT] [52741cd5-0963-4623-a329-e4604047514b-1-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-1-6.exe [1365072] =>PUP.CrossRider [MD5.58D1C95FC3C1B26C6715EDFFCDE20B2B] [APT] [52741cd5-0963-4623-a329-e4604047514b-1-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-1-7.exe [1120848] =>PUP.CrossRider [MD5.F9A826468F3E840A3CE946361DF3CDD9] [APT] [52741cd5-0963-4623-a329-e4604047514b-10_user] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-10.exe [1285200] =>PUP.CrossRider [MD5.C7630AE968A171045B4506E451D0D048] [APT] [52741cd5-0963-4623-a329-e4604047514b-11] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-11.exe [1312336] =>PUP.CrossRider [MD5.C7630AE968A171045B4506E451D0D048] [APT] [52741cd5-0963-4623-a329-e4604047514b-3] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-3.exe [1312336] =>PUP.CrossRider [MD5.019034E7BA9D6AD2C1B7D36CDE29194B] [APT] [52741cd5-0963-4623-a329-e4604047514b-5] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-5.exe [1185872] =>PUP.CrossRider [MD5.019034E7BA9D6AD2C1B7D36CDE29194B] [APT] [52741cd5-0963-4623-a329-e4604047514b-5_user] (.InstallMoon.) 
-- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-5.exe [1185872] =>PUP.CrossRider [MD5.7EE5DCE6393CF45C6761EEA608ADFED1] [APT] [52741cd5-0963-4623-a329-e4604047514b-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-6.exe [1312848] =>PUP.CrossRider [MD5.58D1C95FC3C1B26C6715EDFFCDE20B2B] [APT] [52741cd5-0963-4623-a329-e4604047514b-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-7.exe [1120848] =>PUP.CrossRider [MD5.3A1D89B89C9D62951957F0839578DD9B] [APT] [6FhuRSj] (...) -- C:\users\user\AppData\Roaming\6FhuRSj.exe [1579520] [MD5.9F2CDC3CBFF594A2A31811B6B7DDF20C] [APT] [APSnotifierPP1] (.AnyProtect.com.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [6434816] =>PUP.AnyProtect [MD5.9F2CDC3CBFF594A2A31811B6B7DDF20C] [APT] [APSnotifierPP2] (.AnyProtect.com.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [6434816] =>PUP.AnyProtect [MD5.9F2CDC3CBFF594A2A31811B6B7DDF20C] [APT] [APSnotifierPP3] (.AnyProtect.com.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [6434816] =>PUP.AnyProtect [MD5.00000000000000000000000000000000] [APT] [ASP] (...) -- C:\Program Files (x86)\RCP\systweakasp.exe (.not file.) [0] [MD5.3A1D89B89C9D62951957F0839578DD9B] [APT] [aZMW80R8SgPS5qRhm] (...) -- C:\users\user\AppData\Roaming\aZMW80R8SgPS5qRhm.exe [1579520] [MD5.5DB48EB77F54B5B5597ED118341FF136] [APT] [b3b23845-23db-4d7f-bb0a-d6a24433715e-1-6] (.InstallMonetizer.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-1-6.exe [1332704] [MD5.5864EBF5E16E509FD6C7D354F831BC7D] [APT] [b3b23845-23db-4d7f-bb0a-d6a24433715e-1-7] (.InstallMonetizer.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-1-7.exe [991200] [MD5.B9239ACF2AB3C22C1C4D62261E7107BE] [APT] [b3b23845-23db-4d7f-bb0a-d6a24433715e-10_user] (.InstallMonetizer.) 
-- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-10.exe [1491936] [MD5.660AE0AE3D185D3F0D6B0D9B74E95FF6] [APT] [b3b23845-23db-4d7f-bb0a-d6a24433715e-11] (.InstallMonetizer.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-11.exe [1417696] [MD5.660AE0AE3D185D3F0D6B0D9B74E95FF6] [APT] [b3b23845-23db-4d7f-bb0a-d6a24433715e-3] (.InstallMonetizer.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-3.exe [1417696] [MD5.3863961FAF4259BA867BF3697C3DEC46] [APT] [b3b23845-23db-4d7f-bb0a-d6a24433715e-5] (.InstallMonetizer.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-5.exe [1142240] [MD5.3863961FAF4259BA867BF3697C3DEC46] [APT] [b3b23845-23db-4d7f-bb0a-d6a24433715e-5_user] (.InstallMonetizer.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-5.exe [1142240] [MD5.9E1903186D742C66743A142BE848E253] [APT] [b3b23845-23db-4d7f-bb0a-d6a24433715e-6] (.InstallMonetizer.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-6.exe [1275872] [MD5.5864EBF5E16E509FD6C7D354F831BC7D] [APT] [b3b23845-23db-4d7f-bb0a-d6a24433715e-7] (.InstallMonetizer.) -- C:\Program Files (x86)\Shop and Save Up\b3b23845-23db-4d7f-bb0a-d6a24433715e-7.exe [991200] [MD5.BA9E50427D109F787E08798F15B58ECF] [APT] [baf8dca5-c766-44e7-ab83-ed3a2949214b-1-6] (.Lid.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-1-6.exe [1337344] [MD5.979F809F9E5A90371F1F904D15672A45] [APT] [baf8dca5-c766-44e7-ab83-ed3a2949214b-1-7] (.Lid.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-1-7.exe [994304] [MD5.5DA3943CF3855AE95F392B6E333E2152] [APT] [baf8dca5-c766-44e7-ab83-ed3a2949214b-10_user] (.Lid.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-10.exe [1255936] [MD5.00179F3325175BF522BCB0F0118BBD33] [APT] [baf8dca5-c766-44e7-ab83-ed3a2949214b-11] (.Lid.) 
-- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-11.exe [1287168] [MD5.00179F3325175BF522BCB0F0118BBD33] [APT] [baf8dca5-c766-44e7-ab83-ed3a2949214b-3] (.Lid.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-3.exe [1287168] [MD5.F5E6395E2DADF3DC9A4AD58E59C584DE] [APT] [baf8dca5-c766-44e7-ab83-ed3a2949214b-5] (.Lid.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-5.exe [1152000] [MD5.F5E6395E2DADF3DC9A4AD58E59C584DE] [APT] [baf8dca5-c766-44e7-ab83-ed3a2949214b-5_user] (.Lid.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-5.exe [1152000] [MD5.A8FC6C26CE25B0DF4EC698F5092AAE9D] [APT] [baf8dca5-c766-44e7-ab83-ed3a2949214b-6] (.Lid.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-6.exe [1414144] [MD5.979F809F9E5A90371F1F904D15672A45] [APT] [baf8dca5-c766-44e7-ab83-ed3a2949214b-7] (.Lid.) -- C:\Program Files (x86)\App Lid\baf8dca5-c766-44e7-ab83-ed3a2949214b-7.exe [994304] [MD5.EBDE31F7CCFCBC5E73F067AF033009BD] [APT] [bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-6] (.BrowserV14.07.) -- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-6.exe [1573456] [MD5.EB772DF12ED074A73B8D297D59F5C2CD] [APT] [bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-7] (.BrowserV14.07.) -- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-7.exe [1180752] [MD5.AC541F35B6F17936EEA7824C4B901BDF] [APT] [bbfbdf44-4c11-424e-bf89-c8daeda3b483-11] (.BrowserV14.07.) -- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-11.exe [1517648] [MD5.AC541F35B6F17936EEA7824C4B901BDF] [APT] [bbfbdf44-4c11-424e-bf89-c8daeda3b483-3] (.BrowserV14.07.) -- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-3.exe [1517648] [MD5.B220DF3AB94878EF80489A6BD335437F] [APT] [bbfbdf44-4c11-424e-bf89-c8daeda3b483-5] (.BrowserV14.07.) 
-- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-5.exe [1248848] [MD5.B220DF3AB94878EF80489A6BD335437F] [APT] [bbfbdf44-4c11-424e-bf89-c8daeda3b483-5_user] (.BrowserV14.07.) -- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-5.exe [1248848] [MD5.BB46A799524BC90BABDC165CC2C5E9EB] [APT] [bbfbdf44-4c11-424e-bf89-c8daeda3b483-6] (.BrowserV14.07.) -- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-6.exe [1548880] [MD5.EB772DF12ED074A73B8D297D59F5C2CD] [APT] [bbfbdf44-4c11-424e-bf89-c8daeda3b483-7] (.BrowserV14.07.) -- C:\Program Files (x86)\BrowserV14.07\bbfbdf44-4c11-424e-bf89-c8daeda3b483-7.exe [1180752] [MD5.F665EE65E60513C59E2ADBEF33989AB1] [APT] [CGN] (.ClaraLabs.) -- C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe [926832] =>Adware.SupTab [MD5.4D55806F95185BB45081741C58DD22B9] [APT] [CheckMeUp Update] (...) -- C:\Program Files (x86)\version66CheckMeUp\m6CheckMeUpw79.exe [602112] =>PUP.CrossRider [MD5.B57D60CD390792DC0650178631380918] [APT] [Crossbrowse] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [1967696] =>PUP.CrossBrowse [MD5.E2546B5B06138EC3DF9A5D1AE67E871D] [APT] [Digital Sites] (...) -- C:\users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe [127488] =>Hijacker.DSite [MD5.E671FDA88FEB2A3E4495EA73D5D11526] [APT] [Easy Speed PC Schedule] (.Probit Software LTD.) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCSchedule.exe [988928] =>PUP.ProbitSoftware [MD5.3A1D89B89C9D62951957F0839578DD9B] [APT] [F4zxxelUHkGr3l5M7d8Booyo] (...) -- C:\users\user\AppData\Roaming\F4zxxelUHkGr3l5M7d8Booyo.exe [1579520] [MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.GlobalUpdate [MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) 
-- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.GlobalUpdate [MD5.12EAE4E8657DB949FF01012D237906A0] [APT] [MuscleNoHassle] (...) -- c:\programdata\{ec7d9db1-0326-1c80-ec7d-d9db103276c4}\nse26e4.tmp.exe [221184] [MD5.0B3F0417A4F201C128876A99F8580284] [APT] [Optimizer Pro Schedule] (...) -- C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe [148112] =>PUP.OptimizerPro [MD5.00000000000000000000000000000000] [APT] [PC Speed Maximizer Schedule] (...) -- C:\Program Files (x86)\PC Speed Maximizer\SPMSchedule.exe (.not file.) [0] =>PUP.PCSpeedMaximizer [MD5.092CB7F6ACB7B3F2323D4CDDC5BA1A85] [APT] [Price Fountain] (...) -- C:\users\user\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.exe [519168] =>PUP.PriceFountain [MD5.A39AC621C4F93CB3018215F79559FA6C] [APT] [Run_Bobby_Browser] (.The BoBrowser Authors.) -- C:\users\user\AppData\Local\BoBrowser\Application\bobrowser.exe [642728] =>PUP.BoBrowser [MD5.153F088DFDB3F940AD9DAEB04A3ACC4D] [APT] [SmartWeb Upgrade Trigger Task] (.SoftBrain Technologies Ltd..) -- C:\users\user\AppData\Local\SmartWeb\SmartWebHelper.exe [270368] =>PUP.SmartWeb [MD5.D41D8CD98F00B204E9800998ECF8427E] [APT] [Snmix] (...) -- C:\Program Files\shopperz12072015\Ubehsi.bat" [75] =>PUP.Shopperz [MD5.F1955D4CB42EA713674C35A8A52E2C73] [APT] [Sriugnada] (...) -- C:\ProgramData\Sriugnada\1.0.4.1\eduumifb.exe [158720] [MD5.EA52E12FCE04D88DBA11A277315EF1EA] [APT] [tet3008] (...) -- C:\Program Files (x86)\FastSearch\tet3008.exe [60017] [MD5.85FCB2EBD224E405C181DAD61E6BB184] [APT] [WordSurfer Auto Updater 1.10.0.19 Core] (.Word Surfer.) -- C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [63576] [MD5.85FCB2EBD224E405C181DAD61E6BB184] [APT] [WordSurfer Auto Updater 1.10.0.19 Pending Update] (.Word Surfer.) -- C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [63576] [MD5.0A7DAFA06EE59E4E95666811056059D1] [APT] [WSE_Vosteran] (...) 
-- C:\users\user\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.exe [475648] =>PUP.Vosteran [MD5.817468B3E01928EE9A64557657FF4F11] [APT] [WWQNWYUTJIHSPWFT] (...) -- C:\ProgramData\Service7609\Service7609.exe [80896] [MD5.3A1D89B89C9D62951957F0839578DD9B] [APT] [Xfg6xEGf5LSY9bal3qCuWJHWZ] (...) -- C:\users\user\AppData\Roaming\Xfg6xEGf5LSY9bal3qCuWJHWZ.exe [1579520] [MD5.00000000000000000000000000000000] [APT] [Yahoo! Search Updater] (...) -- C:\users\user\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\..\updt.js" (.not file.) [0] =>PUP.PaybyAds [MD5.D6CBC1B5528231A01341DDAD01D99465] [APT] [ZBZOF1] (.LolliScan.) -- C:\ProgramData\LolliScan\LolliScan.exe [813056] =>Adware.Graftor [MD5.00000000000000000000000000000000] [APT] [{6FBF6022-3563-4891-835D-7EF18281E431}] (...) -- C:\users\user\AppData\Local\Temp\Temp2_Minecraft_Cracked_v1.2.3.zip\Minecraft_Cracked_v1.2.3.exe (.not file.) [0] [MD5.B3B6F2EE960DE788F4B9BD944D7077F0] [APT] [{A1B23B77-7C2A-43C2-B1DB-AF58367532F7}] (.Skytech Co., Ltd..) -- C:\users\user\AppData\Roaming\istartsurf\UninstallManager.exe [1804800] =>PUP.Istart [MD5.BF87D99A7E9E53F8A4D565A4A873CECA] [APT] [{D484780B-92FD-4956-8318-0FAE484B98A5}] (.gamigo AG.) -- C:\Program Files (x86)\gamigo Games\Fiesta Online(EU_French)\FiestaOnline.exe [1049880] [MD5.00000000000000000000000000000000] [APT] [{E2F3569E-8616-4360-9A9C-6CB6ABBA5C96}] (...) -- C:\users\user\AppData\Roaming\mystartsearch\UninstallManager.exe (.not file.) [0] =>PUP.StartSearch O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-6 - (.PublicZBrowser.) -- C:\Windows\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-6.job [3120] O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-6 - (.PublicZBrowser.) -- C:\Windows\System32\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-6 [3120] O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-7 - (.PublicZBrowser.) -- C:\Windows\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-7.job [3120] O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-7 - (.PublicZBrowser.) 
-- C:\Windows\System32\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-1-7 [3120] O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5 - (.PublicZBrowser.) -- C:\Windows\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5.job [2428] =>PUP.CrossRider O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5 - (.PublicZBrowser.) -- C:\Windows\System32\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5 [2428] =>PUP.CrossRider O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5_user - (.PublicZBrowser.) -- C:\Windows\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5_user.job [2428] =>PUP.CrossRider O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5_user - (.PublicZBrowser.) -- C:\Windows\System32\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-5_user [2428] =>PUP.CrossRider O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-6 - (.PublicZBrowser.) -- C:\Windows\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-6.job [5500] =>PUP.CrossRider O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-6 - (.PublicZBrowser.) -- C:\Windows\System32\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-6 [5500] =>PUP.CrossRider O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-7 - (.PublicZBrowser.) -- C:\Windows\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-7.job [5164] =>PUP.CrossRider O39 - APT: 02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-7 - (.PublicZBrowser.) -- C:\Windows\System32\Tasks\02d3f9e4-e529-4c6c-8728-c3ba2a66dcb2-7 [5164] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-1-6 - (.InstallMoon.) -- C:\Windows\Tasks\52741cd5-0963-4623-a329-e4604047514b-1-6.job [3102] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-1-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\52741cd5-0963-4623-a329-e4604047514b-1-6 [3102] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-1-7 - (.InstallMoon.) -- C:\Windows\Tasks\52741cd5-0963-4623-a329-e4604047514b-1-7.job [3438] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-1-7 - (.InstallMoon.) 
-- C:\Windows\System32\Tasks\52741cd5-0963-4623-a329-e4604047514b-1-7 [3438] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-10_user - (.InstallMoon.) -- C:\Windows\Tasks\52741cd5-0963-4623-a329-e4604047514b-10_user.job [2076] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-10_user - (.InstallMoon.) -- C:\Windows\System32\Tasks\52741cd5-0963-4623-a329-e4604047514b-10_user [2076] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-11 - (.InstallMoon.) -- C:\Windows\Tasks\52741cd5-0963-4623-a329-e4604047514b-11.job [5148] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-11 - (.InstallMoon.) -- C:\Windows\System32\Tasks\52741cd5-0963-4623-a329-e4604047514b-11 [5148] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-3 - (.InstallMoon.) -- C:\Windows\Tasks\52741cd5-0963-4623-a329-e4604047514b-3.job [4458] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-3 - (.InstallMoon.) -- C:\Windows\System32\Tasks\52741cd5-0963-4623-a329-e4604047514b-3 [4458] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-5 - (.InstallMoon.) -- C:\Windows\Tasks\52741cd5-0963-4623-a329-e4604047514b-5.job [2410] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-5 - (.InstallMoon.) -- C:\Windows\System32\Tasks\52741cd5-0963-4623-a329-e4604047514b-5 [2410] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-5_user - (.InstallMoon.) -- C:\Windows\Tasks\52741cd5-0963-4623-a329-e4604047514b-5_user.job [2410] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-5_user - (.InstallMoon.) -- C:\Windows\System32\Tasks\52741cd5-0963-4623-a329-e4604047514b-5_user [2410] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-6 - (.InstallMoon.) -- C:\Windows\Tasks\52741cd5-0963-4623-a329-e4604047514b-6.job [5826] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-6 - (.InstallMoon.) 
-- C:\Windows\System32\Tasks\52741cd5-0963-4623-a329-e4604047514b-6 [5826] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-7 - (.InstallMoon.) -- C:\Windows\Tasks\52741cd5-0963-4623-a329-e4604047514b-7.job [5482] =>PUP.CrossRider O39 - APT: 52741cd5-0963-4623-a329-e4604047514b-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\52741cd5-0963-4623-a329-e4604047514b-7 [5482] =>PUP.CrossRider O39 - APT: 6FhuRSj - (...) -- C:\Windows\Tasks\6FhuRSj.job [982] O39 - APT: 6FhuRSj - (...) -- C:\Windows\System32\Tasks\6FhuRSj [982] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: APSnotifierPP1 - (.AnyProtect.com.) -- C:\Windows\Tasks\APSnotifierPP1.job [378] =>PUP.AnyProtect O39 - APT: APSnotifierPP1 - (.AnyProtect.com.) -- C:\Windows\System32\Tasks\APSnotifierPP1 [378] =>PUP.AnyProtect O39 - APT: APSnotifierPP2 - (.AnyProtect.com.) -- C:\Windows\Tasks\APSnotifierPP2.job [376] =>PUP.AnyProtect O39 - APT: APSnotifierPP2 - (.AnyProtect.com.) -- C:\Windows\System32\Tasks\APSnotifierPP2 [376] =>PUP.AnyProtect O39 - APT: APSnotifierPP3 - (.AnyProtect.com.) -- C:\Windows\Tasks\APSnotifierPP3.job [376] =>PUP.AnyProtect O39 - APT: APSnotifierPP3 - (.AnyProtect.com.) -- C:\Windows\System32\Tasks\APSnotifierPP3 [376] =>PUP.AnyProtect O39 - APT: aZMW80R8SgPS5qRhm - (...) -- C:\Windows\Tasks\aZMW80R8SgPS5qRhm.job [1002] O39 - APT: aZMW80R8SgPS5qRhm - (...) -- C:\Windows\System32\Tasks\aZMW80R8SgPS5qRhm [1002] O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-1-6 - (.InstallMonetizer.) -- C:\Windows\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-1-6.job [3126] O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-1-6 - (.InstallMonetizer.) -- C:\Windows\System32\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-1-6 [3126] O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-1-7 - (.InstallMonetizer.) -- C:\Windows\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-1-7.job [3462] O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-1-7 - (.InstallMonetizer.) 
-- C:\Windows\System32\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-1-7 [3462] O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-10_user - (.InstallMonetizer.) -- C:\Windows\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-10_user.job [2100] O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-10_user - (.InstallMonetizer.) -- C:\Windows\System32\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-10_user [2100] O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-11 - (.InstallMonetizer.) -- C:\Windows\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-11.job [5172] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-11 - (.InstallMonetizer.) -- C:\Windows\System32\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-11 [5172] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-3 - (.InstallMonetizer.) -- C:\Windows\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-3.job [4482] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-3 - (.InstallMonetizer.) -- C:\Windows\System32\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-3 [4482] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-5 - (.InstallMonetizer.) -- C:\Windows\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-5.job [2434] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-5 - (.InstallMonetizer.) -- C:\Windows\System32\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-5 [2434] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-5_user - (.InstallMonetizer.) -- C:\Windows\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-5_user.job [2434] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-5_user - (.InstallMonetizer.) -- C:\Windows\System32\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-5_user [2434] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-6 - (.InstallMonetizer.) -- C:\Windows\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-6.job [5850] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-6 - (.InstallMonetizer.) 
-- C:\Windows\System32\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-6 [5850] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-7 - (.InstallMonetizer.) -- C:\Windows\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-7.job [5506] =>PUP.CrossRider O39 - APT: b3b23845-23db-4d7f-bb0a-d6a24433715e-7 - (.InstallMonetizer.) -- C:\Windows\System32\Tasks\b3b23845-23db-4d7f-bb0a-d6a24433715e-7 [5506] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-1-6 - (.Lid.) -- C:\Windows\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-1-6.job [3108] O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-1-6 - (.Lid.) -- C:\Windows\System32\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-1-6 [3108] O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-1-7 - (.Lid.) -- C:\Windows\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-1-7.job [3444] O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-1-7 - (.Lid.) -- C:\Windows\System32\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-1-7 [3444] O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-10_user - (.Lid.) -- C:\Windows\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-10_user.job [2082] O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-10_user - (.Lid.) -- C:\Windows\System32\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-10_user [2082] O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-11 - (.Lid.) -- C:\Windows\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-11.job [5154] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-11 - (.Lid.) -- C:\Windows\System32\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-11 [5154] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-3 - (.Lid.) -- C:\Windows\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-3.job [4464] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-3 - (.Lid.) -- C:\Windows\System32\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-3 [4464] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-5 - (.Lid.) 
-- C:\Windows\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-5.job [2416] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-5 - (.Lid.) -- C:\Windows\System32\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-5 [2416] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-5_user - (.Lid.) -- C:\Windows\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-5_user.job [2416] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-5_user - (.Lid.) -- C:\Windows\System32\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-5_user [2416] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-6 - (.Lid.) -- C:\Windows\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-6.job [5832] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-6 - (.Lid.) -- C:\Windows\System32\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-6 [5832] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-7 - (.Lid.) -- C:\Windows\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-7.job [5488] =>PUP.CrossRider O39 - APT: baf8dca5-c766-44e7-ab83-ed3a2949214b-7 - (.Lid.) -- C:\Windows\System32\Tasks\baf8dca5-c766-44e7-ab83-ed3a2949214b-7 [5488] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-6 - (.BrowserV14.07.) -- C:\Windows\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-6.job [3120] O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-6 - (.BrowserV14.07.) -- C:\Windows\System32\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-6 [3120] O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-7 - (.BrowserV14.07.) -- C:\Windows\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-7.job [3456] O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-7 - (.BrowserV14.07.) -- C:\Windows\System32\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-1-7 [3456] O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-11 - (.BrowserV14.07.) -- C:\Windows\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-11.job [5166] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-11 - (.BrowserV14.07.) 
-- C:\Windows\System32\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-11 [5166] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-3 - (.BrowserV14.07.) -- C:\Windows\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-3.job [4476] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-3 - (.BrowserV14.07.) -- C:\Windows\System32\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-3 [4476] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-5 - (.BrowserV14.07.) -- C:\Windows\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-5.job [2428] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-5 - (.BrowserV14.07.) -- C:\Windows\System32\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-5 [2428] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-5_user - (.BrowserV14.07.) -- C:\Windows\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-5_user.job [2428] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-5_user - (.BrowserV14.07.) -- C:\Windows\System32\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-5_user [2428] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-6 - (.BrowserV14.07.) -- C:\Windows\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-6.job [5844] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-6 - (.BrowserV14.07.) -- C:\Windows\System32\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-6 [5844] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-7 - (.BrowserV14.07.) -- C:\Windows\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-7.job [5500] =>PUP.CrossRider O39 - APT: bbfbdf44-4c11-424e-bf89-c8daeda3b483-7 - (.BrowserV14.07.) -- C:\Windows\System32\Tasks\bbfbdf44-4c11-424e-bf89-c8daeda3b483-7 [5500] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job [338] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6] [338] O39 - APT: CheckMeUp Update - (...) 
-- C:\Windows\Tasks\CheckMeUp Update.job [424] =>PUP.CrossRider O39 - APT: CheckMeUp Update - (...) -- C:\Windows\System32\Tasks\CheckMeUp Update [424] =>PUP.CrossRider O39 - APT: Crossbrowse - (...) -- C:\Windows\Tasks\Crossbrowse.job [1054] =>PUP.CrossBrowse O39 - APT: Crossbrowse - (...) -- C:\Windows\System32\Tasks\Crossbrowse [1054] =>PUP.CrossBrowse O39 - APT: Digital Sites - (...) -- C:\Windows\Tasks\Digital Sites.job [288] =>Hijacker.DSite O39 - APT: Digital Sites - (...) -- C:\Windows\System32\Tasks\Digital Sites [288] =>Hijacker.DSite O39 - APT: F4zxxelUHkGr3l5M7d8Booyo - (...) -- C:\Windows\Tasks\F4zxxelUHkGr3l5M7d8Booyo.job [1016] O39 - APT: F4zxxelUHkGr3l5M7d8Booyo - (...) -- C:\Windows\System32\Tasks\F4zxxelUHkGr3l5M7d8Booyo [1016] O39 - APT: - (..) -- C:\Windows\Tasks\fbf9e475-8075-4aee-8005-248123f010ae-10_user.job [2112] O39 - APT: - (..) -- C:\Windows\System32\Tasks\fbf9e475-8075-4aee-8005-248123f010ae-10_user [2112] O39 - APT: - (..) -- C:\Windows\Tasks\fbf9e475-8075-4aee-8005-248123f010ae-5.job [2446] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\System32\Tasks\fbf9e475-8075-4aee-8005-248123f010ae-5 [2446] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\fbf9e475-8075-4aee-8005-248123f010ae-5_user.job [2446] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\System32\Tasks\fbf9e475-8075-4aee-8005-248123f010ae-5_user [2446] =>PUP.CrossRider O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [932] =>PUP.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [932] =>PUP.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [936] =>PUP.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [936] =>PUP.GlobalUpdate O39 - APT: - (..) 
-- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1060] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1064] O39 - APT: MuscleNoHassle - (...) -- C:\Windows\Tasks\MuscleNoHassle.job [334] O39 - APT: MuscleNoHassle - (...) -- C:\Windows\System32\Tasks\MuscleNoHassle [334] O39 - APT: Price Fountain - (...) -- C:\Windows\Tasks\Price Fountain.job [288] =>PUP.PriceFountain O39 - APT: Price Fountain - (...) -- C:\Windows\System32\Tasks\Price Fountain [288] =>PUP.PriceFountain O39 - APT: - (..) -- C:\Windows\Tasks\Superclean.job [338] =>Hijacker.iHaveNet O39 - APT: - (..) -- C:\Windows\System32\Tasks\Superclean [338] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Wise Care 365 [420] O39 - APT: - (..) -- C:\Windows\Tasks\Wise Turbo Checker.job [400] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Wise Turbo Checker [400] O39 - APT: WSE_Vosteran - (...) -- C:\Windows\Tasks\WSE_Vosteran.job [288] =>PUP.Vosteran O39 - APT: WSE_Vosteran - (...) -- C:\Windows\System32\Tasks\WSE_Vosteran [288] =>PUP.Vosteran O39 - APT: WWQNWYUTJIHSPWFT - (...) -- C:\Windows\Tasks\WWQNWYUTJIHSPWFT.job [340] O39 - APT: WWQNWYUTJIHSPWFT - (...) -- C:\Windows\System32\Tasks\WWQNWYUTJIHSPWFT [340] O39 - APT: Xfg6xEGf5LSY9bal3qCuWJHWZ - (...) -- C:\Windows\Tasks\Xfg6xEGf5LSY9bal3qCuWJHWZ.job [1018] O39 - APT: Xfg6xEGf5LSY9bal3qCuWJHWZ - (...) -- C:\Windows\System32\Tasks\Xfg6xEGf5LSY9bal3qCuWJHWZ [1018] O39 - APT: ZBZOF1 - (.LolliScan.) -- C:\Windows\Tasks\ZBZOF1.job [328] =>Adware.Graftor O39 - APT: ZBZOF1 - (.LolliScan.) -- C:\Windows\System32\Tasks\ZBZOF1 [328] =>Adware.Graftor ~ Scheduled Task: 217 Legitimates Filtered in 01mn 17s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (cherimoya) . (.Cherimoya Ltd - Cherimoya Ltd.) - C:\Windows\System32\drivers\cherimoya.sys O41 - Driver: (netfilter64) . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - C:\Windows\System32\drivers\netfilter64.sys O41 - Driver: (wsafd_1_10_0_19) . 
(.Word Surfer - Word Surfer TDI Driver x64.) - C:\Windows\System32\drivers\wsafd_1_10_0_19.sys O41 - Driver: ({16a92140-918d-4afb-9edb-46f22437bb10}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{16a92140-918d-4afb-9edb-46f22437bb10}Gw64.sys =>PUP.LinkiDoo O41 - Driver: ({3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64.sys =>PUP.LinkiDoo O41 - Driver: ({641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64.sys =>PUP.LinkiDoo O41 - Driver: ({915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys =>PUP.LinkiDoo O41 - Driver: ({a459d632-5225-4bb9-9a0b-002544d16f6e}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{a459d632-5225-4bb9-9a0b-002544d16f6e}w64.sys =>PUP.LinkiDoo ~ Drivers: 87 Legitimates Filtered in 00mn 05s ---\\ Logiciels installés (O42) O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect =>PUP.CMILimited O42 - Logiciel: App Lid - (.Lid.) [HKLM][64Bits] -- App Lid O42 - Logiciel: AppsHat Mobile Apps - (.Somoto Ltd..) [HKCU][64Bits] -- AppsHat Mobile Apps =>PUP.CrossRider O42 - Logiciel: BoBrowser - (.BoBrowser.) [HKCU][64Bits] -- BoBrowser =>PUP.BoBrowser O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {DE778E8E-5286-41FF-A85E-D41A6384DD83} =>Adware.Boxore O42 - Logiciel: Br0wsrApVs4.1 - (.PublicZBrowser.) [HKLM][64Bits] -- Br0wsrApVs4.1 O42 - Logiciel: BrowserV14.07 - (.BrowserV14.07.) [HKLM][64Bits] -- BrowserV14.07 O42 - Logiciel: Buzzdock - (.Alactro LLC.) [HKLM][64Bits] -- {ac225167-00fc-452d-94c5-bb93600e7d9a} =>PUP.BuzzDock O42 - Logiciel: CheckMeUp - (.CheckMeUp-software.) [HKLM][64Bits] -- 7306067D-AF12-7D60-2A9A-7392B649EA7C =>PUP.CrossRider O42 - Logiciel: Coupoon version 1.0 - (.Coupoon.) 
[HKLM][64Bits] -- {49F8B4F8-0CD4-4BE4-A9E8-B13A071F7C90}_is1 O42 - Logiciel: Crossbrowse - (.The Crossbrowse Authors.) [HKLM][64Bits] -- Crossbrowse =>PUP.CrossBrowse O42 - Logiciel: Dynamo Combo - (.Dynamo Combo.) [HKLM][64Bits] -- Dynamo Combo =>PUP.DynamoCombo O42 - Logiciel: Easy Speed PC - (.Probit Software LTD.) [HKLM][64Bits] -- Easy Speed PC =>PUP.ProbitSoftware O42 - Logiciel: Extended Update - (.Extended Update.) [HKCU][64Bits] -- Digital Sites =>PUP.Dealply O42 - Logiciel: File Opener Packages - (...) [HKCU][64Bits] -- File Opener Packages =>Adware.InstallCore O42 - Logiciel: Friendly Error - (...) [HKLM][64Bits] -- FriendlyError O42 - Logiciel: Gameo - (.IronSource Ltd..) [HKCU][64Bits] -- Gameo =>PUP.Gameo O42 - Logiciel: GoHD - (.InstallMoon.) [HKLM][64Bits] -- GoHD =>PUP.CrossRider O42 - Logiciel: LolliScan - (...) [HKLM][64Bits] -- LolliScan =>Adware.Graftor O42 - Logiciel: PriceFountain (remove only) - (.Price Fountain.) [HKCU][64Bits] -- PriceFountain =>PUP.PriceFountain O42 - Logiciel: Shop and Save Up - (.InstallMonetizer.) [HKLM][64Bits] -- Shop and Save Up O42 - Logiciel: SmartWeb - (.SoftBrain Technologies Ltd..) [HKLM][64Bits] -- SmartWeb =>PUP.SmartWeb O42 - Logiciel: Soldiers - (.Soldiers.) [HKCU][64Bits] -- Soldiers O42 - Logiciel: Update for PriceFountain - (.Update for PriceFountain.) [HKCU][64Bits] -- Price Fountain =>PUP.PriceFountain O42 - Logiciel: WSE_Vosteran - (.WSE_Vosteran.) [HKLM][64Bits] -- WSE_Vosteran =>PUP.Vosteran O42 - Logiciel: WordSurfer 1.10.0.19 - (.WordSurfer.) [HKLM][64Bits] -- WordSurfer_1.10.0.19 O42 - Logiciel: istartsurf uninstall - (.istartsurf.) [HKLM][64Bits] -- istartsurf uninstall =>PUP.Istart O42 - Logiciel: nitionto - (.canortic.) [HKLM][64Bits] -- {46d699b3-6a25-4071-6078-4e96aeed2e07} O42 - Logiciel: presmar - (.tentyed.) 
[HKLM][64Bits] -- {1e578da5-a7c9-479c-c72b-3ddc74a54243} ~ Logic: 62 Legitimates Filtered in 00mn 09s ---\\ HKCU & HKLM Software Keys [HKCU\Software\6FhuRSj] [HKCU\Software\AnyProtect] =>PUP.AnyProtect [HKCU\Software\App Lid-nv-ie] [HKCU\Software\App Lid-nv] [HKCU\Software\App Lid] [HKCU\Software\ArenaHD] [HKCU\Software\Br0wsrApVs4.1-nv-ie] [HKCU\Software\Br0wsrApVs4.1-nv] [HKCU\Software\BrowserV14.07-nv-ie] [HKCU\Software\BrowserV14.07-nv] [HKCU\Software\CinemaPlus-3.2cV13.07-nv-ie] =>PUP.CrossRider [HKCU\Software\ClkApp] [HKCU\Software\CrossBrowser] =>PUP.CrossBrowser [HKCU\Software\Crossbrowse] =>PUP.CrossBrowse [HKCU\Software\Dynamo Combo] =>PUP.DynamoCombo [HKCU\Software\Easy Speed Check] [HKCU\Software\F4zxxelUHkGr3l5M7d8Booyo] [HKCU\Software\GamesClient] [HKCU\Software\GoHD-nv-ie] =>PUP.CrossRider [HKCU\Software\GoHD-nv] =>PUP.CrossRider [HKCU\Software\GoHD] =>PUP.CrossRider [HKCU\Software\GoldenGate] [HKCU\Software\HighDefAction] [HKCU\Software\ICSW] [HKCU\Software\InstallPath] [HKCU\Software\ProductSetup] =>Adware.InstallCore [HKCU\Software\Reg] [HKCU\Software\Shop and Save Up-nv-ie] [HKCU\Software\Shop and Save Up-nv] [HKCU\Software\Shop and Save Up] [HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer [HKCU\Software\SystClean] [HKCU\Software\TutoTag] =>PUP.AgenceExclusive [HKCU\Software\Tutorials] =>PUP.AgenceExclusive [HKCU\Software\WInterEnhancer] =>PUP.Wajam [HKCU\Software\WajIEnhance] =>PUP.Wajam [HKCU\Software\Xfg6xEGf5LSY9bal3qCuWJHWZ] [HKCU\Software\YorkNewCin] [HKCU\Software\aZMW80R8SgPS5qRhm] [HKCU\Software\canortic] [HKCU\Software\tentyed] [HKCU\Software\wse_vosteran] =>PUP.Vosteran [HKLM\Software\ArenaHD] [HKLM\Software\BrowserV14.07-nv] [HKLM\Software\HighDefAction] [HKLM\Software\LolliScan] =>Adware.Graftor [HKLM\Software\Wow6432Node\06efd294-d850-4969-abd2-4059237f735d] =>PUP.CrossRider [HKLM\Software\Wow6432Node\43b48def-e762-4e78-b467-b86662640e44] =>PUP.CrossRider [HKLM\Software\Wow6432Node\6b6b93bd-1de9-4a1b-a3b2-d7662580653a] 
=>PUP.CrossRider [HKLM\Software\Wow6432Node\83f4e8ad-d5ea-4398-ae4a-a50f60593845] =>PUP.CrossRider [HKLM\Software\Wow6432Node\8b6e9139-2682-489e-9056-b3ee9505fcd9] =>PUP.CrossRider [HKLM\Software\Wow6432Node\9051900b-9712-4b58-92d9-f29e3472fc9a] =>PUP.CrossRider [HKLM\Software\Wow6432Node\App Lid-nv-ie] [HKLM\Software\Wow6432Node\App Lid-nv] [HKLM\Software\Wow6432Node\ArenaHD] [HKLM\Software\Wow6432Node\Br0wsrApVs4.1-nv-ie] [HKLM\Software\Wow6432Node\Br0wsrApVs4.1-nv] [HKLM\Software\Wow6432Node\BrowserV14.07-nv-ie] [HKLM\Software\Wow6432Node\BrowserV14.07-nv] [HKLM\Software\Wow6432Node\Clara] [HKLM\Software\Wow6432Node\Dynamo Combo] =>PUP.DynamoCombo [HKLM\Software\Wow6432Node\FastSearch] [HKLM\Software\Wow6432Node\GoHD-nv-ie] =>PUP.CrossRider [HKLM\Software\Wow6432Node\GoHD-nv] =>PUP.CrossRider [HKLM\Software\Wow6432Node\HighDefAction] [HKLM\Software\Wow6432Node\MaxPower] [HKLM\Software\Wow6432Node\MovieDea] [HKLM\Software\Wow6432Node\Reg] [HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp [HKLM\Software\Wow6432Node\Shop and Save Up-nv-ie] [HKLM\Software\Wow6432Node\Shop and Save Up-nv] [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive [HKLM\Software\Wow6432Node\WInterEnhancer] =>PUP.Wajam [HKLM\Software\Wow6432Node\WombatUpdater] [HKLM\Software\Wow6432Node\YorkNewCin] [HKLM\Software\Wow6432Node\bd0191ab-7327-4b77-803e-16f064193907] =>PUP.CrossRider [HKLM\Software\Wow6432Node\coupoon] [HKLM\Software\Wow6432Node\e41914d6-cc5e-4b13-8daa-e96dff056d2b] =>PUP.CrossRider [HKLM\Software\Wow6432Node\eb2effde-e511-4b7d-bec5-6aa524834d9e] =>PUP.CrossRider [HKLM\Software\Wow6432Node\f8df9d4f-e1f2-c750-2d08-37a22690e4a6] =>PUP.CrossRider [HKLM\Software\Wow6432Node\searchult] [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab [HKLM\Software\YorkNewCin] [HKLM\Software\coupoon] ~ Key Software: 466 Legitimates Filtered in 00mn 09s ---\\ Contenu des dossiers 
Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 18/07/2015 - 22:13:27 - [] ----D C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D O43 - CFD: 16/07/2015 - 10:01:44 - [] ----D C:\Program Files (x86)\45504dce-2898-4cbb-afd2-886f2d5ebbf9 O43 - CFD: 15/07/2015 - 11:22:16 - [] ----D C:\Program Files (x86)\7e3edfa9-b2df-4661-9d7e-d0e44af97b76 O43 - CFD: 15/07/2015 - 09:18:27 - [] ----D C:\Program Files (x86)\830217a9-69d3-4765-91c3-cc128faee89e O43 - CFD: 18/07/2015 - 11:48:43 - [] ----D C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect O43 - CFD: 15/07/2015 - 11:22:49 - [] ----D C:\Program Files (x86)\App Lid O43 - CFD: 06/07/2015 - 15:46:58 - [] ----D C:\Program Files (x86)\Br0wsrApVs4.1 O43 - CFD: 15/07/2015 - 09:19:01 - [] ----D C:\Program Files (x86)\BrowserV14.07 O43 - CFD: 17/07/2015 - 15:45:53 - [] ----D C:\Program Files (x86)\Coupoon O43 - CFD: 15/07/2015 - 09:13:32 - [] ----D C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowse O43 - CFD: 16/07/2015 - 09:58:19 - [] ----D C:\Program Files (x86)\d87ebfe1-6a4c-461e-810a-8bfc0192b5b1 O43 - CFD: 18/07/2015 - 22:37:27 - [] ----D C:\Program Files (x86)\Dynamo Combo =>PUP.DynamoCombo O43 - CFD: 15/07/2015 - 19:11:17 - [] ----D C:\Program Files (x86)\Easy Speed Check O43 - CFD: 15/07/2015 - 18:54:26 - [] ----D C:\Program Files (x86)\Exploremedia O43 - CFD: 18/07/2015 - 22:56:41 - [] ----D C:\Program Files (x86)\FastSearch O43 - CFD: 16/07/2015 - 10:01:44 - [] ----D C:\Program Files (x86)\fb84037f-2bd7-4d4e-9db0-78d316d5fb44 O43 - CFD: 16/07/2015 - 09:50:38 - [] ----D C:\Program Files (x86)\FriendlyError O43 - CFD: 16/07/2015 - 09:23:50 - [] ----D C:\Program Files (x86)\gmsd_fr_005010031 =>PUP.CrossRider O43 - CFD: 16/07/2015 - 14:56:40 - [] ----D C:\Program Files (x86)\gmsd_fr_005010032 =>PUP.CrossRider O43 - CFD: 17/07/2015 - 17:11:21 - [] ----D C:\Program Files (x86)\gmsd_fr_005010033 =>PUP.CrossRider O43 - CFD: 18/07/2015 - 10:37:29 - [] ----D C:\Program Files (x86)\gmsd_fr_005010034 
=>PUP.CrossRider O43 - CFD: 16/07/2015 - 10:02:20 - [] ----D C:\Program Files (x86)\GoHD =>PUP.CrossRider O43 - CFD: 15/07/2015 - 19:09:41 - [] ----D C:\Program Files (x86)\MiuiTab O43 - CFD: 15/07/2015 - 11:26:42 - [] ----D C:\Program Files (x86)\PricELeoss =>PUP.PriceLess O43 - CFD: 15/07/2015 - 18:36:06 - [] ----D C:\Program Files (x86)\rec_fr_47 =>PUP.CrossRider O43 - CFD: 16/07/2015 - 09:58:55 - [] ----D C:\Program Files (x86)\Shop and Save Up O43 - CFD: 15/07/2015 - 10:47:26 - [] ----D C:\Program Files (x86)\version66CheckMeUp =>PUP.CrossRider O43 - CFD: 15/07/2015 - 09:15:27 - [] ----D C:\Program Files (x86)\WInterEnhancer =>PUP.Wajam O43 - CFD: 15/07/2015 - 09:52:40 - [] ----D C:\Program Files (x86)\WordSurfer_1.10.0.19 O43 - CFD: 19/01/2015 - 18:57:11 - [] ----D C:\Program Files (x86)\WSE_Vosteran =>PUP.Vosteran O43 - CFD: 15/07/2015 - 11:26:38 - [] ----D C:\Program Files (x86)\youtubeadblocker =>PUP.YouTubeAdBlock O43 - CFD: 26/08/2012 - 16:43:17 - [0] ----D C:\Program Files (x86)\Zbani O43 - CFD: 17/07/2015 - 12:20:05 - [] ----D C:\Program Files (x86)\Common Files\ClaraUpdater =>Adware.SupTab O43 - CFD: 15/07/2015 - 10:27:40 - [] ----D C:\ProgramData\11171269337210244622 O43 - CFD: 16/07/2015 - 09:42:57 - [] ----D C:\ProgramData\32338f1400007836 O43 - CFD: 06/07/2015 - 15:43:40 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 O43 - CFD: 16/07/2015 - 09:37:48 - [] ----D C:\ProgramData\ca74369800004866 O43 - CFD: 15/07/2015 - 10:18:25 - [] ----D C:\ProgramData\edaflhmhjpbjbadelnilbnkcmhclefcl O43 - CFD: 13/07/2015 - 18:28:28 - [] ----D C:\ProgramData\LolliScan =>Adware.Graftor O43 - CFD: 06/07/2015 - 15:49:13 - [] ----D C:\ProgramData\MocULS O43 - CFD: 15/07/2015 - 11:15:23 - [] ----D C:\ProgramData\MovieDeaConfig O43 - CFD: 06/07/2015 - 15:43:44 - [] ----D C:\ProgramData\Service7609 O43 - CFD: 15/07/2015 - 09:06:34 - [] ----D C:\ProgramData\Sriugnada O43 - CFD: 06/07/2015 - 15:45:38 - [] ----D C:\ProgramData\WebShield O43 - CFD: 06/07/2015 - 
15:44:55 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu O43 - CFD: 16/07/2015 - 09:13:26 - [] ----D C:\ProgramData\{037b4073-d2d7-3bd4-037b-b4073d2d01cf} O43 - CFD: 13/07/2015 - 18:25:47 - [] ----D C:\ProgramData\{17b4ec11-06d4-e29a-17b4-4ec1106db044} O43 - CFD: 28/12/2011 - 13:35:36 - [] --H-D C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318} O43 - CFD: 18/07/2015 - 22:14:30 - [] ----D C:\ProgramData\{cb5e42a6-1d51-daf0-cb5e-e42a61d50a98} O43 - CFD: 19/01/2015 - 18:57:10 - [] ----D C:\ProgramData\{DE823641-8E00-E7C7-3F86-9745EF0444CB} O43 - CFD: 15/07/2015 - 10:17:05 - [] ----D C:\ProgramData\{ec7d9db1-0326-1c80-ec7d-d9db103276c4} O43 - CFD: 16/07/2015 - 15:23:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat =>PUP.CrossRider O43 - CFD: 15/07/2015 - 09:16:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowse O43 - CFD: 14/07/2009 - 09:44:38 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 20/10/2012 - 21:14:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WALKMAN Guide O43 - CFD: 15/07/2015 - 09:15:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer =>PUP.Wajam O43 - CFD: 24/10/2014 - 23:05:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer O43 - CFD: 20/05/2012 - 12:12:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zbani O43 - CFD: 14/03/2015 - 17:04:16 - [] ----D C:\Users\user\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z =>Adware.InstallCore O43 - CFD: 19/01/2015 - 18:57:35 - [] ----D C:\Users\user\AppData\Roaming\1H1Q1V1N1N1O1R =>Adware.InstallCore O43 - CFD: 15/07/2015 - 11:23:32 - [] -SH-D C:\Users\user\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect O43 - CFD: 17/07/2015 - 15:43:26 - [] ----D C:\Users\user\AppData\Roaming\cpuminer O43 - CFD: 15/07/2015 - 19:11:13 - [] ----D C:\Users\user\AppData\Roaming\Easy Speed PC O43 - CFD: 
10/03/2015 - 00:12:55 - [] ----D C:\Users\user\AppData\Roaming\FiestaOnline O43 - CFD: 17/03/2015 - 17:45:38 - [] ----D C:\Users\user\AppData\Roaming\Gameo =>PUP.Gameo O43 - CFD: 19/01/2015 - 19:03:06 - [] --H-D C:\Users\user\AppData\Roaming\GoldenGate O43 - CFD: 16/07/2015 - 09:31:10 - [] ----D C:\Users\user\AppData\Roaming\istartsurf =>PUP.Istart O43 - CFD: 06/07/2015 - 15:43:34 - [] ----D C:\Users\user\AppData\Roaming\nitionto O43 - CFD: 17/07/2015 - 14:21:07 - [] ----D C:\Users\user\AppData\Roaming\presmar O43 - CFD: 14/03/2015 - 17:04:53 - [] ----D C:\Users\user\AppData\Roaming\PriceFountain =>PUP.PriceFountain O43 - CFD: 14/03/2015 - 17:03:56 - [] ----D C:\Users\user\AppData\Roaming\Soldiers939 O43 - CFD: 06/07/2015 - 15:48:49 - [] ----D C:\Users\user\AppData\Roaming\SystClean O43 - CFD: 19/01/2015 - 18:57:25 - [] ----D C:\Users\user\AppData\Roaming\WSE_Vosteran =>PUP.Vosteran O43 - CFD: 15/07/2015 - 10:15:52 - [] ----D C:\Users\user\AppData\Local\2FFB295D-69D4-45C7-8092-154FB287FF79 O43 - CFD: 15/07/2015 - 18:19:03 - [] ----D C:\Users\user\AppData\Local\34934D00-1436953309-81DF-3E5E-20CF30755C3D O43 - CFD: 01/04/2015 - 07:06:27 - [] --H-D C:\Users\user\AppData\Local\449133a47ea3583b O43 - CFD: 06/07/2015 - 15:44:17 - [] ----D C:\Users\user\AppData\Local\7567 O43 - CFD: 15/07/2015 - 11:23:02 - [] ----D C:\Users\user\AppData\Local\AppsHat Mobile Apps =>PUP.CrossRider O43 - CFD: 15/07/2015 - 09:18:25 - [] ----D C:\Users\user\AppData\Local\BoBrowser =>PUP.BoBrowser O43 - CFD: 15/07/2015 - 09:16:38 - [] ----D C:\Users\user\AppData\Local\Crossbrowse =>PUP.CrossBrowse O43 - CFD: 17/07/2015 - 12:18:52 - [] ----D C:\Users\user\AppData\Local\Gameo =>PUP.Gameo O43 - CFD: 19/07/2015 - 13:58:26 - [] ----D C:\Users\user\AppData\Local\gmsd_fr_004010022 =>PUP.CrossRider O43 - CFD: 16/07/2015 - 09:51:31 - [] ----D C:\Users\user\AppData\Local\gmsd_fr_005010032 =>PUP.CrossRider O43 - CFD: 16/07/2015 - 20:28:26 - [] ----D C:\Users\user\AppData\Local\gmsd_fr_005010033 
=>PUP.CrossRider O43 - CFD: 18/07/2015 - 10:37:30 - [] ----D C:\Users\user\AppData\Local\gmsd_fr_005010034 =>PUP.CrossRider O43 - CFD: 21/03/2015 - 12:52:05 - [] ----D C:\Users\user\AppData\Local\Pay-By-Ads =>PUP.PaybyAds O43 - CFD: 14/03/2015 - 17:04:18 - [] ----D C:\Users\user\AppData\Local\PriceFountain =>PUP.PriceFountain O43 - CFD: 16/07/2015 - 09:49:15 - [] ----D C:\Users\user\AppData\Local\SmartWeb =>PUP.SmartWeb O43 - CFD: 14/03/2015 - 17:03:15 - [0] ----D C:\Users\user\AppData\Local\Soldiers O43 - CFD: 06/07/2015 - 15:45:44 - [0] ----D C:\Users\user\AppData\Local\WebShield O43 - CFD: 15/07/2015 - 19:12:03 - [] ----D C:\Users\user\AppData\Local\Windesk_Winsearch O43 - CFD: 18/07/2015 - 11:48:43 - [] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect O43 - CFD: 15/07/2015 - 11:23:02 - [0] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat =>PUP.CrossRider O43 - CFD: 19/01/2015 - 19:02:42 - [] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo =>PUP.Gameo O43 - CFD: 14/03/2015 - 17:04:07 - [] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain =>PUP.PriceFountain O43 - CFD: 14/03/2015 - 17:03:57 - [] ----D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soldiers ~ 1442 Dossier CLSID vide (CLSID Empty Folder) ~ Program Folder: 1822 Legitimates Filtered in 02mn 18s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.5387F64C81F55F98A316A836514385C0] - 06/07/2015 - 14:44:42 ---A- . (...) -- C:\Windows\System32\Drivers\webTinstMKTN84.sys [50216] =>PUP.CorsicaTechnologies O44 - LFC:[MD5.5E39AB269564F93FD3CDA6B54A46986B] - 13/07/2015 - 12:13:36 ---A- . (...) -- C:\Windows\System32\Cofvopjy64.dll [349184] O44 - LFC:[MD5.0A68585336EA4804A8B4660EB889B228] - 13/07/2015 - 20:16:24 ---A- . (...) 
-- C:\Windows\System32\cpuminer-conf.json [226] O44 - LFC:[MD5.87C7C034CEF0409DD847533749148DD2] - 13/07/2015 - 20:18:00 ---A- . (...) -- C:\Windows\System32\cpuminer-gw64.exe [1404704] O44 - LFC:[MD5.E06AB7119970F9A296EA780EE5370A76] - 15/07/2015 - 08:15:38 ---A- . (...) -- C:\claraInstaller.txt [8222] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/07/2015 - 09:16:46 ---A- . (...) -- C:\dummy.htm [0] O44 - LFC:[MD5.5DCF7E46D90305BD83F533E5B069092C] - 15/07/2015 - 09:42:24 ---A- . (...) -- C:\Windows\win.ini [1336] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/07/2015 - 18:07:57 ---A- . (...) -- C:\Windows\hgfs.sys [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/07/2015 - 18:07:57 ---A- . (...) -- C:\Windows\prleth.sys [0] O44 - LFC:[MD5.68444E9D77D56E5524C62DB51953C7F3] - 16/07/2015 - 08:49:32 ---A- . (...) -- C:\user.js [45] O44 - LFC:[MD5.0DA3FBC2ECE10BF259F3F4F2FE08FE86] - 16/07/2015 - 08:49:36 ---A- . (.Cherimoya Ltd - Cherimoya Ltd.) -- C:\Windows\System32\Drivers\cherimoya.sys [61336] O44 - LFC:[MD5.2E337D553EAE82EE85C0DE302435CCA0] - 16/07/2015 - 08:53:13 ---A- . (...) -- C:\Windows\System32\Drivers\bsdriver.sys [34712] O44 - LFC:[MD5.B9AA59C49B5B95248725B2F2A7D0612F] - 17/07/2015 - 15:33:29 ----- . (...) -- C:\bootsqm.dat [6640] O44 - LFC:[MD5.82D593413FB9D5192C884F647E372FB8] - 18/07/2015 - 10:05:32 ---A- . (...) -- C:\Windows\System32\AutoRunFilter.ini [3116] O44 - LFC:[MD5.E37D4C7F9DEE8B9B87054CDDE4DDA0E7] - 18/07/2015 - 21:38:15 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini [2063] O44 - LFC:[MD5.E672E3D33913063980EEBEE4A5F648DC] - 19/07/2015 - 12:54:53 ---A- . (...) -- C:\Windows\System32\CofvopjyOff.ini [2376] O44 - LFC:[MD5.BFBE8F9A91BED1C152D29A70BCC007BF] - 19/07/2015 - 12:55:02 ---A- . (...) -- C:\Windows\patsearch.bin [2499] O44 - LFC:[MD5.CB12637C3B55DE6F6D6BC29A0AE8B3AA] - 19/07/2015 - 13:07:59 --HA- . (...) 
-- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [23376] O44 - LFC:[MD5.CB12637C3B55DE6F6D6BC29A0AE8B3AA] - 19/07/2015 - 13:07:59 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [23376] ~ Files: 36 Legitimates Filtered in 00mn 30s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.18FD9E59C25710E16B60AB78DA91252B] - 16/07/2015 - 13:24:25 ---A- - C:\Windows\Prefetch\CACAOWEB.EXE-0855069A.pf =>PUP.CacaoWeb O45 - LFCP:[MD5.3F3A661B9F5CBEE3A210066CF9DACABB] - 17/07/2015 - 11:18:49 ---A- - C:\Windows\Prefetch\GAMEO.EXE-106BE63A.pf =>PUP.Gameo O45 - LFCP:[MD5.CC35D10BD26690BACB24FCF8ADFE2E98] - 17/07/2015 - 11:01:12 ---A- - C:\Windows\Prefetch\PRICEFOUNTAIN.EXE-1B58210C.pf =>PUP.PriceFountain O45 - LFCP:[MD5.77991A8B76B976FFEAF6471A996C746D] - 17/07/2015 - 11:01:02 ---A- - C:\Windows\Prefetch\PRICEFOUNTAINW.EXE-A5C817DF.pf =>PUP.PriceFountain ~ Prefetcher: 4 Legitimates Filtered in 00mn 01s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\BoBrowser [Key] . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser O53 - SMSR:HKLM\...\startupreg\Easy Speed PC [Key] . (.Probit Software LTD - Easy Speed PC Schedule.) -- C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCSchedule.exe =>PUP.ProbitSoftware O53 - SMSR:HKLM\...\startupreg\EasySpeedCheck [Key] . (.Probit Software LTD - EasySpeedCheck.) -- C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe =>PUP.SpeedCheck O53 - SMSR:HKLM\...\startupreg\Gameo [Key] . (...) -- C:\Users\user\AppData\Roaming\Gameo\gameo.exe =>PUP.Gameo O53 - SMSR:HKLM\...\startupreg\gmsd_fr_005010032 [Key] . (...) -- C:\Program Files (x86)\gmsd_fr_005010032\gmsd_fr_005010032.exe =>PUP.CrossRider O53 - SMSR:HKLM\...\startupreg\gmsd_fr_005010033 [Key] . (...) 
-- C:\Program Files (x86)\gmsd_fr_005010033\gmsd_fr_005010033.exe =>PUP.CrossRider O53 - SMSR:HKLM\...\startupreg\pricefountainw.exe [Key] . (.Price Fountain - Pas de description.) -- C:\Users\user\AppData\Local\PriceFountain\pricefountainw.exe =>PUP.PriceFountain O53 - SMSR:HKLM\...\startupreg\Registry Helper [Key] . (...) -- C:\Program Files (x86)\Registry Helper\RegistryHelper.exe (.not file.) =>PUP.RegistryHelper O53 - SMSR:HKLM\...\startupreg\shopperz12072015 [Key] . (...) -- C:\Program Files\shopperz12072015\Bzvra.exe =>PUP.Shopperz O53 - SMSR:HKLM\...\startupreg\shopperz1207201564 [Key] . (...) -- C:\Program Files\shopperz12072015\Bzvra64.exe =>PUP.Shopperz O53 - SMSR:HKLM\...\startupreg\Windesk Winsearch [Key] . (...) -- C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe (.not file.) ~ SMSR Keys: 29 Legitimates Filtered in 00mn 05s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:16/07/2015 - 08:53:13 ---A- . (...) -- C:\Windows\System32\Drivers\bsdriver.sys [34712] O58 - SDL:18/06/2015 - 11:08:44 ---A- . (.Cherimoya Ltd - Cherimoya Ltd.) -- C:\Windows\System32\Drivers\cherimoya.sys [61336] O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) 
-- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:20/07/2009 - 10:29:39 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [15416] O58 - SDL:02/04/2015 - 23:22:32 ---A- . (.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\netfilter64.sys [46376] O58 - SDL:13/05/2010 - 07:00:21 ---A- . (.Windows (R) Win 7 DDK provider - AVStream Simulated Hardware Sample.) -- C:\Windows\System32\Drivers\S6000KNT.sys [190464] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:06/08/2009 - 23:17:34 ---A- . (...) -- C:\Windows\System32\Drivers\TurboB.sys [13784] O58 - SDL:06/07/2015 - 14:44:42 ---A- . (...) -- C:\Windows\System32\Drivers\webTinstMKTN84.sys [50216] =>PUP.CorsicaTechnologies O58 - SDL:15/06/2015 - 23:28:50 ---A- . (.Word Surfer - Word Surfer TDI Driver x64.) -- C:\Windows\System32\Drivers\wsafd_1_10_0_19.sys [61312] O58 - SDL:26/01/2015 - 07:45:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{16a92140-918d-4afb-9edb-46f22437bb10}Gw64.sys [48792] =>PUP.LinkiDoo O58 - SDL:28/01/2015 - 21:41:36 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64.sys [48792] =>PUP.LinkiDoo O58 - SDL:19/01/2015 - 06:41:00 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64.sys [48792] =>PUP.LinkiDoo O58 - SDL:22/01/2015 - 12:54:36 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys [48792] =>PUP.LinkiDoo O58 - SDL:24/04/2014 - 11:20:52 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{a459d632-5225-4bb9-9a0b-002544d16f6e}w64.sys [61112] =>PUP.LinkiDoo ~ Drivers: 75 Legitimates Filtered in 00mn 05s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 15/07/2015 - 14:09:20 ---A- . (...) 
-- C:\Users\user\AppData\Local\2FFB295D-69D4-45C7-8092-154FB287FF79\2FFB295D-69D4-45C7-8092-154FB287FF79.exe [1967696] =>Adware.Pirrit O61 - LFC: 15/07/2015 - 14:09:28 ---A- . (...) -- C:\Users\user\AppData\Local\34934D00-1436953309-81DF-3E5E-20CF30755C3D\rnsg2EB1.exe [265728] O61 - LFC: 15/07/2015 - 14:09:29 ---A- . (...) -- C:\Users\user\AppData\Local\34934D00-1436953309-81DF-3E5E-20CF30755C3D\Uninstall.exe [51000] O61 - LFC: 15/07/2015 - 14:09:46 ---A- . (.Somoto Ltd..) -- C:\Users\user\AppData\Local\AppsHat Mobile Apps\Uninstall.exe [69275] =>PUP.CrossRider O61 - LFC: 15/07/2015 - 14:09:47 ---A- . (.The Chromium Authors.) -- C:\Users\user\AppData\Local\BoBrowser\Application\36.0.1985.141\Installer\setup.exe [947880] =>PUP.BoBrowser O61 - LFC: 15/07/2015 - 14:09:52 ---A- . (...) -- C:\Users\user\AppData\Local\gmsd_fr_005010032\upgmsd_fr_005010032.exe [3298960] =>PUP.CrossRider O61 - LFC: 15/07/2015 - 14:10:50 ---A- . (...) -- C:\Users\user\AppData\Local\WebPlayer\Uninstall.exe [64142] O61 - LFC: 16/07/2015 - 14:09:53 ---A- . (...) -- C:\Users\user\AppData\Local\gmsd_fr_005010033\upgmsd_fr_005010033.exe [3294128] =>PUP.CrossRider O61 - LFC: 16/07/2015 - 14:10:12 ---A- . (.SoftBrain Technologies Ltd..) -- C:\Users\user\AppData\Local\SmartWeb\__u.exe [172673] =>PUP.SmartWeb O61 - LFC: 17/07/2015 - 14:09:54 ---A- . (...) -- C:\Users\user\AppData\Local\gmsd_fr_005010034\upgmsd_fr_005010034.exe [3297936] =>PUP.CrossRider O61 - LFC: 17/07/2015 - 14:11:51 ---A- . (...) -- C:\Users\user\AppData\Roaming\presmar\mainward.dll [135168] O61 - LFC: 17/07/2015 - 14:11:51 ---A- . (...) -- C:\Users\user\AppData\Roaming\presmar\unrydiro.dll [161792] O61 - LFC: 18/07/2015 - 14:09:51 ---A- . (...) 
-- C:\Users\user\AppData\Local\gmsd_fr_004010022\Download\myoffergroup_fr.exe [4019632] =>PUP.CrossRider ~ 342 Fichiers temporaires (Temporary files) ~ 92 Fichiers cookies (Cookies files) ~ Files: 68 Legitimates Filtered in 04mn 34s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 03/07/2009 - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASMMAP64) .(.ASUS - Memory mapping Driver.) - LEGACY_ASMMAP64 O64 - Services: CurCS - 18/06/2015 - C:\Windows\System32\drivers\cherimoya.sys (cherimoya) .(.Cherimoya Ltd - Cherimoya Ltd.) - LEGACY_CHERIMOYA O64 - Services: CurCS - 02/04/2015 - C:\Windows\System32\drivers\netfilter64.sys (netfilter64) .(.NetFilterSDK.com - NetFilter SDK WFP Driver (WPP).) - LEGACY_NETFILTER64 O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\Drivers\webTinstMKTN84.sys (webTinstMKTN84) .(...) - LEGACY_WEBTINSTMKTN84 =>PUP.CorsicaTechnologies O64 - Services: CurCS - 15/06/2015 - C:\Windows\System32\drivers\wsafd_1_10_0_19.sys (wsafd_1_10_0_19) .(.Word Surfer - Word Surfer TDI Driver x64.) - LEGACY_WSAFD_1_10_0_19 O64 - Services: CurCS - 26/01/2015 - C:\Windows\System32\drivers\{16a92140-918d-4afb-9edb-46f22437bb10}Gw64.sys ({16a92140-918d-4afb-9edb-46f22437bb10}Gw64) .(.StdLib - StdLib.) - LEGACY_{16A92140-918D-4AFB-9EDB-46F22437BB10}GW64 =>PUP.LinkiDoo O64 - Services: CurCS - 28/01/2015 - C:\Windows\System32\drivers\{3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64.sys ({3bcf4f2c-0bbb-4d4c-bf1f-11bbe6d501ea}Gw64) .(.StdLib - StdLib.) - LEGACY_{3BCF4F2C-0BBB-4D4C-BF1F-11BBE6D501EA}GW64 =>PUP.LinkiDoo O64 - Services: CurCS - 19/01/2015 - C:\Windows\System32\drivers\{641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64.sys ({641e52b1-3179-43ed-8bcb-f688871e52b0}Gw64) .(.StdLib - StdLib.) 
- LEGACY_{641E52B1-3179-43ED-8BCB-F688871E52B0}GW64 =>PUP.LinkiDoo O64 - Services: CurCS - 22/01/2015 - C:\Windows\System32\drivers\{915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64.sys ({915cb94b-b4d8-4c0e-83b4-61409471b1c3}Gw64) .(.StdLib - StdLib.) - LEGACY_{915CB94B-B4D8-4C0E-83B4-61409471B1C3}GW64 =>PUP.LinkiDoo O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{a459d632-5225-4bb9-9a0b-002544d16f6e}w64.sys ({a459d632-5225-4bb9-9a0b-002544d16f6e}w64) .(.StdLib - StdLib.) - LEGACY_{A459D632-5225-4BB9-9A0B-002544D16F6E}W64 =>PUP.LinkiDoo ~ Legacy: 96 Legitimates Filtered in 00mn 05s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) 
-- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] OldSearch - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.mystartsearch.com =>PUP.StartSearch O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://www.mystartsearch.com =>PUP.StartSearch O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - () - http://www.mystartsearch.com =>PUP.StartSearch O69 - SBI: SearchScopes [HKCU] {C9B164BC-F09C-47EC-861D-14201768FE4C} - (Yahoo! Search) - http://www.mystartsearch.com =>PUP.StartSearch O69 - SBI: SearchScopes [HKCU] {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} - (Yahoo! Search) - http://www.mystartsearch.com =>PUP.StartSearch O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.mystartsearch.com =>PUP.StartSearch O69 - SBI: SearchScopes [HKCU] {EC4ABFD8-9F10-4644-ACF4-3BC654BD7C33} - (Yahoo! 
Search) - http://www.mystartsearch.com =>PUP.StartSearch ~ Keys: Scanned in 00mn 00s ---\\ Enumère les fichiers Crack & Keygen (CKF) (O82) C:\Program Files (x86)\gamigo Games\Fiesta Online(EU_French)\ressystem\Action\B_CrackerHumar.dat =>.Crack,Keygen C:\Users\user\AppData\Roaming\.minecraft\Minecraft Beta Cracked.exe =>.Crack,Keygen C:\Users\user\AppData\Roaming\.minecraft\Minecraft Cracked.exe =>.Crack,Keygen C:\Users\user\AppData\Roaming\uTorrent\Minecraft_Beta_Cracked_v1.8.1.zip.torrent =>.Crack,Keygen C:\Users\user\AppData\Roaming\uTorrent\Minecraft_Cracked_v1.2.3.zip.torrent =>.Crack,Keygen ~ Files: Scanned in 01mn 40s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][07/07/2010] (...) -- C:\ProgramData\FullRemove.exe [131472] [MD5.9A796847500C10A68A6CC87A190D8E03] [SPRF][18/07/2015] (...) -- C:\ProgramData\JdLV07SR.dat [89365] [MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- C:\Users\user\AppData\Roaming\6FhuRSj.exe [1579520] [MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- C:\Users\user\AppData\Roaming\aZMW80R8SgPS5qRhm.exe [1579520] [MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- C:\Users\user\AppData\Roaming\F4zxxelUHkGr3l5M7d8Booyo.exe [1579520] [MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- C:\Users\user\AppData\Roaming\Xfg6xEGf5LSY9bal3qCuWJHWZ.exe [1579520] [MD5.54DB2B8C60F04C5ADE6D711D47EABA75] [SPRF][30/01/2014] (...) 
-- C:\Users\user\Desktop\adwcleaner.exe [1166132] ~ Files: 8 Legitimates Filtered in 00mn 01s ---\\ Recherche d'infection Rogue (SRI) (O86) O43 - CFD: 06/07/2015 - 15:43:40 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 ~ Files: Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{7C02E95B-A972-4538-B81C-D9578C3A394B}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{9E5EF7BA-85D8-49E2-BE5E-2883ABD6736F}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{843982B4-4344-4588-BFBD-B711DB46F957}" | In - None - P17 - TRUE | .(.The BoBrowser Authors - BoBrowser.) -- C:\Users\user\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser O87 - FAEL: "{081D0381-8B64-4A8E-BDC5-2F67D8400F7B}" | In - None - P17 - TRUE | .(.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse ~ Firewall: 4 Legitimates Filtered in 00mn 07s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "E8E877ED6825FF148AE54DA13648DD38" . (.Boxore Client.) 
-- C:\Windows\Installer\{DE778E8E-5286-41FF-A85E-D41A6384DD83}\Boxore.ico =>Adware.Boxore ~ Update Products: 1 Legitimates Filtered in 00mn 01s ---\\ Export de clés de registre aléatoires (O91)
~ Export Key Software: Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.F3E0BCAC0A50EA3B7571407A7DA325C7] [WIS][15/07/2015] (.globalupdate - globalupdate.) -- C:\Windows\Installer\27092a.msi [32768] =>PUP.GlobalUpdate [MD5.FEEB576634F1F961F5649D4D09F02363] [WIS][16/03/2012] (.Iminent - Iminent.) -- C:\Windows\Installer\4bc9fa.msi [9420800] =>Adware.IMBooster [MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][16/03/2012] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\4bca01.msi [1019392] =>Adware.IMBooster [MD5.1869BA0951D281A460CB4BB286583B68] [WIS][07/05/2015] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\88a28.msi [5685248] =>Adware.Boxore [MD5.72B8B7979608E151144A28EDE27B7952] [WIS][28/12/2011] (.Bandoo Media Inc. - iLivid Installation.) 
-- C:\Windows\Installer\8fb6d9.msi [290816] =>Adware.Bandoo ~ WIS: 5 Legitimates Filtered in 00mn 10s ---\\ Recherche de clés de registre Tracing (O100) HKLM\SOFTWARE\Microsoft\Tracing\LolliScan_RASAPI32 =>Adware.Graftor HKLM\SOFTWARE\Microsoft\Tracing\MixVideoPlayer_RASAPI32 =>PUP.MixVideoPlayer HKLM\SOFTWARE\Microsoft\Tracing\MixVideoPlayer_RASMANCS =>PUP.MixVideoPlayer HKLM\SOFTWARE\Microsoft\Tracing\StormWatch_RASAPI32 =>PUP.StormWatch HKLM\SOFTWARE\Microsoft\Tracing\StormWatch_RASMANCS =>PUP.StormWatch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 =>PUP.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS =>PUP.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BatBrowseUninstallertemp_RASAPI32 =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BatBrowseUninstallertemp_RASMANCS =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 =>Adware.Incredibar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS =>Adware.Incredibar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASAPI32 =>Adware.IMBooster HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_2-KFRPtAWP-1__RASMANCS =>Adware.IMBooster HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MixVideoPlayer_RASAPI32 =>PUP.MixVideoPlayer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MixVideoPlayer_RASMANCS =>PUP.MixVideoPlayer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBatBrowse_RASAPI32 =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBatBrowse_RASMANCS =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASAPI32 =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASMANCS =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent(torrent,remote_RASAPI32 =>P2P.µTorrent HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent(torrent,remote_RASMANCS 
=>P2P.µTorrent HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent ~ BTK: 246 Legitimates Filtered in 00mn 01s ---\\ Recherche de clés de registre CLSID (O101) [HKCR\CLSID\{c49ac435-5c4d-450f-aa56-cd31f96613b3}] (shopperz12072015) =>PUP.Shopperz ~ BCK: 4853 Legitimates Filtered in 00mn 34s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 15/07/2015 268976 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 19/10/2014 363208 | (BRSptStub) . (.BitRaider, LLC.) - C:\ProgramData\BitRaider\BRSptStub.exe SS - | Auto 18/07/2015 2570896 | (c31ed948) . (...) - c:\Program Files (x86)\Optimizer Pro 3.99\OptProMon.dll =>PUP.OptimizerPro SS - | Auto 02/04/2015 172344 | (CoupoonService64) . (...) - C:\Program Files (x86)\coupoon\iiwjljrnpc64.exe SS - | Demand 26/02/2011 79360 | (Creative ALchemy AL6 Licensing Service) . (.Creative Labs.) - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe SS - | Demand 26/02/2011 79360 | (Creative Audio Engine Licensing Service) . (.Creative Labs.) - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe SS - | Auto 16/07/2015 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate SS - | Demand 16/07/2015 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate SS - | Auto 18/07/2015 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 18/07/2015 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 18/07/2015 194032 | (gusvc) . (.Google.) 
- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Auto 18/06/2015 1133880 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SS - | Auto 18/02/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 06/08/2009 118672 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SS - | Auto 07/07/2014 580232 | (WiseBootAssistant) . (.WiseCleaner.com.) - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe SR - | Auto 13/07/2015 285544 | (46784c7a-2afb-4c2f-b299-133de9a46a66) . (...) - C:\Program Files\shopperz12072015\Igivkorcb.exe =>PUP.Shopperz SR - | Auto 29/06/2015 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 22/06/2010 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe SR - | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe SR - | Auto 17/07/2015 926832 | (ClaraUpdater) . (.ClaraLabs.) - C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe =>Adware.SupTab SR - | Demand 13/07/2015 2020864 | (Cofvopjy) . (...) - C:\Program Files\shopperz12072015\Cofvopjy.exe =>PUP.Shopperz SR - | Auto 13/07/2015 1448808 | (csrcc) . (...) - C:\Program Files\shopperz12072015\csrcc.exe =>PUP.Shopperz SR - | Auto 24/06/2015 125112 | (IHProtect Service) . (.XTab system.) - C:\Program Files (x86)\MiuiTab\ProtectService.exe =>Adware.AgentODR SR - | Auto 01/10/2009 262144 | (LMS) . (.Intel Corporation.) 
- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SR - | Auto 13/07/2015 171920 | (LosdyLijfeu) . (...) - C:\Program Files\shopperz12072015\ZazyjiKotn.exe =>PUP.Shopperz SR - | Auto 18/06/2015 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe SR - | Auto 30/04/2015 23816 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe SR - | Auto 06/08/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 13/07/2015 174952 | (shopperz12072015 Updater) . (...) - C:\Program Files\shopperz12072015\Xzeexmh.exe =>PUP.Shopperz SR - | Auto 06/08/2010 235624 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 01/10/2009 2314240 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Auto 19/07/2015 471792 | (Update Dynamo Combo) . (...) - C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe =>PUP.DynamoCombo SR - | Auto 17/07/2015 53040 | (UpdateCheck) . (...) - C:\Program Files (x86)\Coupoon\UpdateCheck.exe SR - | Auto 19/07/2015 471792 | (Util Dynamo Combo) . (...) - C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe =>PUP.DynamoCombo SR - | Auto 15/07/2015 165376 | (vicoqudu) . (...) - C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D\hnsqBB35.tmp SR - | Auto 18/07/2015 264704 | (welyxosy) . (...) - C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D\knsr464E.tmp SR - | Auto 06/07/2015 707240 | (WindowsMangerProtect) . (.DTools LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu SR - | Auto 09/07/2015 1166336 | (WInterEnhancer Service) . (...) 
- C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe =>PUP.Wajam SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 06/07/2015 2732024 | (WQsFLW) . (.Irrational Number Applications.) - C:\ProgramData\MocULS\WQsFLW.exe SR - | Auto 15/06/2015 299608 | (wsasvc_1.10.0.19) . (.Word Surfer.) - C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 15/07/2015 199168 | (zejytose) . (...) - C:\Program Files (x86)\34934D00-1436946051-81DF-3E5E-20CF30755C3D\jnsvA3DC.tmp ~ Services: Scanned in 00mn 40s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by user at 19/07/2015 14:16:57 ~ OS 64 not supported by MBR tool ~ MBR: 0 Legitimates Filtered in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by user at 19/07/2015 14:16:59 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13008 - (17/04/2015) Clés trouvées (Keys found) : 63 Valeurs trouvées (Values found) : 32 Dossiers trouvés (Folders found) : 44 Fichiers trouvés (Files found) : 173 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C49AC435-5C4D-450F-AA56-CD31F96613B3}] =>PUP.Shopperz^ [HKLM\SYSTEM\CurrentControlSet\Services\46784c7a-2afb-4c2f-b299-133de9a46a66] =>PUP.Shopperz^ [HKLM\SYSTEM\CurrentControlSet\Services\c31ed948] =>PUP.OptimizerPro^ [HKLM\SYSTEM\CurrentControlSet\Services\ClaraUpdater] =>Adware.SupTab^ [HKLM\SYSTEM\CurrentControlSet\Services\csrcc] =>PUP.Shopperz^ [HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate) (globalUpdate] =>PUP.GlobalUpdate^ [HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service] 
=>Adware.AgentODR^ [HKLM\SYSTEM\CurrentControlSet\Services\LosdyLijfeu] =>PUP.Shopperz^ [HKLM\SYSTEM\CurrentControlSet\Services\shopperz12072015 Updater] =>PUP.Shopperz^ [HKLM\SYSTEM\CurrentControlSet\Services\Update Dynamo Combo] =>PUP.DynamoCombo^ [HKLM\SYSTEM\CurrentControlSet\Services\Util Dynamo Combo] =>PUP.DynamoCombo^ [HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^ [HKLM\SYSTEM\CurrentControlSet\Services\WInterEnhancer Service] =>PUP.Wajam^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect] =>PUP.CMILimited^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps] =>PUP.CrossRider^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BoBrowser] =>PUP.BoBrowser^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DE778E8E-5286-41FF-A85E-D41A6384DD83}] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}] =>PUP.BuzzDock^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\7306067D-AF12-7D60-2A9A-7392B649EA7C] =>PUP.CrossRider^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse] =>PUP.CrossBrowse^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dynamo Combo] =>PUP.DynamoCombo^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Easy Speed PC] =>PUP.ProbitSoftware^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites] =>PUP.Dealply^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\File Opener Packages] =>Adware.InstallCore^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Gameo] =>PUP.Gameo^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GoHD] =>PUP.CrossRider^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LolliScan] =>Adware.Graftor^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceFountain] =>PUP.PriceFountain^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SmartWeb] =>PUP.SmartWeb^ 
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Fountain] =>PUP.PriceFountain^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Vosteran] =>PUP.Vosteran^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall] =>PUP.Istart^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BoBrowser] =>PUP.BoBrowser^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Easy Speed PC] =>PUP.ProbitSoftware^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\EasySpeedCheck] =>PUP.SpeedCheck^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Gameo] =>PUP.Gameo^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_fr_005010032] =>PUP.CrossRider^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_fr_005010033] =>PUP.CrossRider^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\pricefountainw.exe] =>PUP.PriceFountain^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Registry Helper] =>PUP.RegistryHelper^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\shopperz12072015] =>PUP.Shopperz^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\shopperz1207201564] =>PUP.Shopperz^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160] =>Adware.Bandoo [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\430E8DB44F0E90547A3564A7E858C48D] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E0C8759C69912A4485AD49572CE7CA3] =>Adware.Bandoo [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\Tutorials] 
=>Spyware.AgenceExclusive [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster [HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0DA5D75B5B33B4B83724742699814F] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C506B89D971FBA3418F37674F3BC1244] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E95E6C2F69DE1E4449ECD2AA116D329A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FEA78903E905F6C41BA2E3CC615507CA] =>Adware.Boxore^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:GoogleChromeAutoLaunch_100535F106431A9BDA15E8895BE69FFB =>PUP.CrossBrowse^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:gmsd_fr_004010022 =>PUP.CrossRider^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:upgmsd_fr_004010022.exe =>PUP.CrossRider^ C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\EP: 
RegExtension {6C60F5D5-5222-36B2-BB03-CA55D8F47803} . (...) -- C:\extensions\Program Files (x86)\version66CheckMeUp\192.xpi =>PUP.CrossRider^ C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect^ C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowse^ C:\Program Files (x86)\Dynamo Combo =>PUP.DynamoCombo^ C:\Program Files (x86)\gmsd_fr_005010031 =>PUP.CrossRider^ C:\Program Files (x86)\gmsd_fr_005010032 =>PUP.CrossRider^ C:\Program Files (x86)\gmsd_fr_005010033 =>PUP.CrossRider^ C:\Program Files (x86)\gmsd_fr_005010034 =>PUP.CrossRider^ C:\Program Files (x86)\GoHD =>PUP.CrossRider^ C:\Program Files (x86)\PricELeoss =>PUP.PriceLess^ C:\Program Files (x86)\rec_fr_47 =>PUP.CrossRider^ C:\Program Files (x86)\version66CheckMeUp =>PUP.CrossRider^ C:\Program Files (x86)\WInterEnhancer =>PUP.Wajam^ C:\Program Files (x86)\WSE_Vosteran =>PUP.Vosteran^ C:\Program Files (x86)\youtubeadblocker =>PUP.YouTubeAdBlock^ C:\Program Files (x86)\Common Files\ClaraUpdater =>Adware.SupTab^ C:\ProgramData\LolliScan =>Adware.Graftor^ C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppsHat =>PUP.CrossRider^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowse^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WInterEnhancer =>PUP.Wajam^ C:\Users\user\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z =>Adware.InstallCore^ C:\Users\user\AppData\Roaming\1H1Q1V1N1N1O1R =>Adware.InstallCore^ C:\Users\user\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect^ C:\Users\user\AppData\Roaming\Gameo =>PUP.Gameo^ C:\Users\user\AppData\Roaming\istartsurf =>PUP.Istart^ C:\Users\user\AppData\Roaming\PriceFountain =>PUP.PriceFountain^ C:\Users\user\AppData\Roaming\WSE_Vosteran =>PUP.Vosteran^ C:\Users\user\AppData\Local\AppsHat Mobile Apps =>PUP.CrossRider^ C:\Users\user\AppData\Local\BoBrowser =>PUP.BoBrowser^ C:\Users\user\AppData\Local\Crossbrowse =>PUP.CrossBrowse^ C:\Users\user\AppData\Local\Gameo =>PUP.Gameo^ 
C:\Users\user\AppData\Local\gmsd_fr_004010022 =>PUP.CrossRider^ C:\Users\user\AppData\Local\gmsd_fr_005010032 =>PUP.CrossRider^ C:\Users\user\AppData\Local\gmsd_fr_005010033 =>PUP.CrossRider^ C:\Users\user\AppData\Local\gmsd_fr_005010034 =>PUP.CrossRider^ C:\Users\user\AppData\Local\Pay-By-Ads =>PUP.PaybyAds^ C:\Users\user\AppData\Local\PriceFountain =>PUP.PriceFountain^ C:\Users\user\AppData\Local\SmartWeb =>PUP.SmartWeb^ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect^ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat =>PUP.CrossRider^ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo =>PUP.Gameo^ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain =>PUP.PriceFountain^ C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318} =>Adware.Bandoo C:\Program Files\shopperz12072015\Bzvra.exe =>PUP.Shopperz^ C:\Program Files (x86)\MiuiTab\cmdshell.exe =>PUP.SearchProtect^ C:\Users\user\AppData\Local\gmsd_fr_004010022\upgmsd_fr_004010022.exe =>PUP.CrossRider^ C:\Users\user\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe =>PUP.CrossRider^ C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse^ C:\Users\user\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWeb^ C:\Program Files (x86)\gmsd_fr_005010033\gmsd_fr_005010033.exe =>PUP.CrossRider^ C:\Program Files (x86)\gmsd_fr_005010034\gmsd_fr_005010034.exe =>PUP.CrossRider^ C:\Users\user\AppData\Local\SmartWeb\SmartWebApp.exe =>PUP.SmartWeb^ C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-10.exe =>PUP.CrossRider^ C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu^ C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-1-6.exe =>PUP.CrossRider^ C:\Program Files\shopperz12072015\Igivkorcb.exe =>PUP.Shopperz^ C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-6.exe =>PUP.CrossRider^ C:\Program 
Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe =>Adware.SupTab^ C:\Program Files\shopperz12072015\csrcc.exe =>PUP.Shopperz^ C:\Program Files\shopperz12072015\ZazyjiKotn.exe =>PUP.Shopperz^ C:\Program Files\shopperz12072015\Xzeexmh.exe =>PUP.Shopperz^ C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancerService.exe =>PUP.Wajam^ C:\Program Files\shopperz12072015\Cofvopjy.exe =>PUP.Shopperz^ C:\Program Files (x86)\WInterEnhancer\WInterEnhancer Internet Enhancer\InternetEnhancer.exe =>PUP.Wajam^ C:\Program Files (x86)\Dynamo Combo\bin\utilDynamoCombo.exe =>PUP.DynamoCombo^ C:\Program Files (x86)\Dynamo Combo\updateDynamoCombo.exe =>PUP.DynamoCombo^ C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-1-7.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-11.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-3.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-5.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\52741cd5-0963-4623-a329-e4604047514b-7.exe =>PUP.CrossRider^ C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.AnyProtect^ C:\Program Files (x86)\version66CheckMeUp\m6CheckMeUpw79.exe =>PUP.CrossRider^ C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe =>PUP.CrossBrowse^ C:\users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe =>Hijacker.DSite^ C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCSchedule.exe =>PUP.ProbitSoftware^ C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate^ C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe =>PUP.OptimizerPro^ C:\users\user\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.exe =>PUP.PriceFountain^ C:\users\user\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser^ C:\users\user\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWeb^ C:\Program Files\shopperz12072015\Ubehsi.bat" 
~ Additionnel Scan: 342775 Items scanned in 05mn 14s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2) ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3) ~ 
http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ AMI: 4 Legitimates Filtered in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://www.nicolascoolman.fr/blog/ =>PUP.Shopperz http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowse http://nicolascoolman.fr/pup-smartwebsearch =>PUP.SmartWeb http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu http://www.nicolascoolman.fr/blog/ =>Adware.SupTab http://nicolascoolman.fr/pup-wajam =>PUP.Wajam http://nicolascoolman.fr/pup-dynamocombo =>PUP.DynamoCombo http://nicolascoolman.fr/hijacker-proxy =>Hijacker.Proxy http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore http://www.nicolascoolman.fr/blog/ =>PUP.BoBrowser http://www.nicolascoolman.fr/blog/ =>PUP.PCSpeedMaximizer http://nicolascoolman.fr/pup-probitsoftware =>PUP.ProbitSoftware http://www.nicolascoolman.fr/blog/ =>PUP.Gameo http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect http://www.nicolascoolman.fr/blog/ =>PUP.ContinueLiveInstallation http://www.nicolascoolman.fr/blog/ =>PUP.LivePCHelp http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate http://www.nicolascoolman.fr/blog/ =>Adware.AgentODR http://nicolascoolman.fr/hijacker-dsite =>Hijacker.DSite http://www.nicolascoolman.fr/blog/ =>PUP.PriceFountain http://www.nicolascoolman.fr/blog/ =>PUP.Vosteran http://nicolascoolman.fr/pup-paybyads =>PUP.PaybyAds http://www.nicolascoolman.fr/blog/ =>Adware.Graftor http://www.nicolascoolman.fr/blog/ =>PUP.Istart http://nicolascoolman.fr/pup-startsearch =>PUP.StartSearch http://nicolascoolman.fr/hijacker-ihavenet =>Hijacker.iHaveNet http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo http://www.nicolascoolman.fr/blog/ =>PUP.CMILimited http://nicolascoolman.fr/adware-boxore =>Adware.Boxore 
http://www.nicolascoolman.fr/blog/ =>PUP.BuzzDock http://nicolascoolman.fr/pup-dealply =>PUP.Dealply http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowser http://www.nicolascoolman.fr/blog/ =>PUP.SuperOptimizer http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive http://nicolascoolman.fr/rogue-pcspeedup =>Rogue.PCSpeedUp http://nicolascoolman.fr/pup-suptab =>PUP.SupTab http://nicolascoolman.fr/pup-sweetim =>PUP.SweetIM http://www.nicolascoolman.fr/blog/ =>PUP.PriceLess http://nicolascoolman.fr/35828469-pup-youtubeadblocker- =>PUP.YouTubeAdBlock http://www.nicolascoolman.fr/blog/ =>PUP.CorsicaTechnologies http://nicolascoolman.fr/pup-cacaoweb =>PUP.CacaoWeb http://www.nicolascoolman.fr/blog/ =>PUP.SpeedCheck http://www.nicolascoolman.fr/blog/ =>PUP.RegistryHelper http://www.nicolascoolman.fr/blog/ =>Adware.Pirrit http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo http://www.nicolascoolman.fr/blog/ =>PUP.MixVideoPlayer http://www.nicolascoolman.fr/blog/ =>PUP.StormWatch http://nicolascoolman.fr/pup-advancedsystemprotector =>PUP.AdvancedSystemProtector http://nicolascoolman.fr/pup-batbrowse =>PUP.BatBrowse http://nicolascoolman.fr/adware-incredibar =>Adware.Incredibar http://nicolascoolman.fr/adware-predictad =>Adware.PredictAd http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive http://nicolascoolman.fr/pup-tarma =>PUP.Tarma http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit ~ MSI: 59 link(s) detected in 00mn 00s ---\\ Alert Messages WARNING : Hijacker Proxy found, Clean with ZHPCleaner Tool ~ 2909 Legitimates filtered by white list End of the scan (1548 lines in 19mn 34s)(10.10)