~ Rapport de ZHPDiag v2014.5.1.49 - Nicolas Coolman (01/05/2014) ~ Lancé par Eric (03/05/2014 09:25:04) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.16897 (Defaut) GCIE: Google Chrome v31.0.1650.63 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 8, 64-bit (Build 9200) Windows Server License Manager Script : OK ~ Windows(R) Operating System, OEM_DM channel Windows ID Activation : OK ~ Windows Partial Key : JK6BG Windows License : OK ~ Windows Remaining Initializations Number : 1000 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système avast! Free Antivirus v9.0.2018 Malwarebytes Anti-Malware version 2.0.1.1004 Windows Defender W8 ---\\ Logiciels d'optimisation du système CCleaner v4.11 ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 13 Plugin ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3970 MB (46% free) System Restore: Activé (Enable) System drive C: has 868 GB (94%) free of 915 GB ---\\ Mode de connexion au système ~ Computer Name: PC-MAISON ~ User Name: Eric ~ All Users Names: UpdatusUser, HomeGroupUser$, Eric, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Eric\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Eric\AppData\Roaming\ ~ %Desktop% : C:\Users\Eric\Desktop\ ~ %Favorites% : C:\Users\Eric\Favorites\ ~ %LocalAppData% : C:\Users\Eric\AppData\Local\ ~ %StartMenu% : C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 868 Go of 915 Go) E: CD-ROM drive (Free 0 Go of 1 Go) Y: Hard drive, Flash drive, Thumb drive (Free 2 Go of 2 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified ~ Security Center: 44 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280] [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608] [MD5.2B7920C7885AC45FD0E27DD860F095A1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/03/2014 - 01:08:30.) -- C:\Windows\System32\wininet.dll [2240000] [MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.26/06/2013 - 23:11:10.) -- C:\Windows\System32\Winlogon.exe [517120] [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408] [MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512] [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840] [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544] [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080] [MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784] [MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168] [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640] [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920] [MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.26/06/2013 - 23:12:20.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688] [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776] [MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288] [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984] [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712] [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248] [MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/3 ~ Mes musiques (My Musics) : 1/135 ~ Mes Videos (My Videos) : 1/3 ~ Mes Favoris (My Favorites) : 1/15 ~ Mes Documents (My Documents) : 2/291 ~ Mon Bureau (My Desktop) : 5/594 ~ Menu demarrer (Programs) : 1/69 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.41AD6110110A2E89957F831DCBFAF892] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6963512] [PID.3108] [MD5.10EF557CEBF0F1D19F48855133F5F7E8] - (.Microsoft Corporation - Send to OneNote Tool.) -- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.exe [194224] [PID.4672] [MD5.139C3E683C64935D397A3A656D443E29] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928] [PID.4280] [MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4640] [MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2436] [MD5.F419E9A607B79DAB0AC93119016E8342] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136] [PID.5364] [MD5.883B2E1341E5BE906A7507308A6636DF] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.5188] [MD5.C6FD6C175276637C5D6F6EA293137F5E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7867904] [PID.4036] [MD5.253EB69F697FCCFEFCE49335301EF3A1] - (.SoftThinks - Dell - Dell Backup And Recovery Toaster.) -- C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.exe [4124760] [PID.3896] [MD5.D2512647A82BFCCE0135809C2DD2ED14] - (.SoftThinks - Dell - Dell Backup And Recovery Update Launcher.) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe [493656] [PID.2752] [MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184] [PID.6152] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Preferences G2 - GCE: Preference [User Data\Default] [ebbijfohkliglklcbbpbblhdbomibgfn] Png2IMagae v.1.6 (Activé) =>PUP.Png2Image ---\\ Liste des dossiers d'extension Google Chrome ~ Google Lines Browser: 11 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline O3 - Toolbar: Canon Easy-WebPrint EX - [HKLM]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: Optimizer Elite Max.lnk . (...) -- C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe (.not file.) =>PUP.OptimizerEliteMax O4 - GS\Program [Public]: Webplayer.lnk . (...) -- C:\Program Files (x86)\Webplayer\Webplayer.exe (.not file.) =>Adware.SocialSkinz O4 - GS\Desktop [Eric]: Sync Folder.lnk . (...) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (.not file.) =>PUP.MyPCBackup ~ Global Startup: 3 Legitimates Filtered in 00mn 00s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SA3\SACpl.exe O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [CANAL+ CANALSAT A LA DEMANDE] . (.Canal+ - Lancer CANAL+ CANALSAT A LA DEMANDE.) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKUS\S-1-5-21\..\Run: [resource] Clé orpheline O4 - HKUS\S-1-5-21\..\RunOnce: [resource] Clé orpheline ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.) O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{0E628C1A-1C0A-4CBA-9B5F-1387D677E9CE}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{C7C82AF7-65E5-480E-9CB9-200EB602A768}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{C7C82AF7-65E5-480E-9CB9-200EB602A768}: DhcpDomain = lan O17 - HKLM\System\CS1\Services\Tcpip\..\{0E628C1A-1C0A-4CBA-9B5F-1387D677E9CE}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{C7C82AF7-65E5-480E-9CB9-200EB602A768}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{C7C82AF7-65E5-480E-9CB9-200EB602A768}: DhcpDomain = lan O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Service Component of VO (vosr) . (...) - C:\Users\Eric\AppData\Roaming\VOPackage\VOsrv.exe (.not file.) =>Adware.Downware ~ Services: 20 Legitimates Filtered in 00mn 08s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [PCHelpers1st] (...) -- C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe (.not file.) [0] =>PUP.OptimizerEliteMax [MD5.00000000000000000000000000000000] [APT] [PCHelpers_period] (...) -- C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe (.not file.) [0] =>PUP.OptimizerEliteMax [MD5.00000000000000000000000000000000] [APT] [{6C92C0C8-32B4-4A38-A7A0-7CAF822B9ECC}] (...) -- C:\Program Files (x86)\weDownload\Uninstall.exe (.not file.) [0] =>PUP.weDownloadManager O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1080] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1084] O39 - APT: PCHelpers1st - (...) -- C:\Windows\Tasks\PCHelpers1st.job [318] =>PUP.OptimizerEliteMax O39 - APT: PCHelpers1st - (...) -- C:\Windows\System32\Tasks\PCHelpers1st [318] =>PUP.OptimizerEliteMax O39 - APT: PCHelpers_period - (...) -- C:\Windows\Tasks\PCHelpers_period.job [318] =>PUP.OptimizerEliteMax O39 - APT: PCHelpers_period - (...) -- C:\Windows\System32\Tasks\PCHelpers_period [318] =>PUP.OptimizerEliteMax ~ Scheduled Task: 60 Legitimates Filtered in 00mn 02s ---\\ Logiciels installés (O42) O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {0E365FDA-909F-4939-838A-261DD468D862} =>Adware.Boxore O42 - Logiciel: NewPlayer - (...) [HKLM][64Bits] -- NewPlayer =>Adware.PUP.NewPlayer O42 - Logiciel: Optimizer Elite Max - (.Viracure Limited.) [HKLM][64Bits] -- Optimizer Elite Max_is1 =>PUP.OptimizerEliteMax O42 - Logiciel: Shopping Helper Smartbar Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {e4c7fad9-298d-49b1-a6d4-eb7be6204232} =>Hijacker.SmartBar O42 - Logiciel: Webplayer - (.Kreapixel.) [HKLM][64Bits] -- {F750DB0E-D452-3108-63C9-FE16BC686741} =>Adware.SocialSkinz ~ Logic: 29 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Condut] [HKCU\Software\ELIGCHK] [HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax [HKLM\Software\Wow6432Node\mamverifier] ~ Key Software: 220 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 02/05/2014 - 21:13:38 - [0] ----D C:\Program Files (x86)\weDownload =>PUP.weDownloadManager O43 - CFD: 17/04/2014 - 11:02:09 - [] ----D C:\ProgramData\23d1401f69106d19 O43 - CFD: 01/02/2014 - 12:42:05 - [] ----D C:\ProgramData\ebbijfohkliglklcbbpbblhdbomibgfn O43 - CFD: 29/01/2014 - 10:07:46 - [] ----D C:\ProgramData\ikejlpcnciehfncoaanainkfjohcigpm O43 - CFD: 26/04/2014 - 12:08:58 - [] ----D C:\ProgramData\less2pAy =>PUP.Less2Pay O43 - CFD: 26/04/2014 - 12:08:58 - [] ----D C:\ProgramData\Png2IMagae =>PUP.Png2Image O43 - CFD: 17/04/2014 - 11:02:09 - [] ----D C:\ProgramData\PriceDoownloaDEra =>PUP.PriceDownloader O43 - CFD: 26/04/2014 - 12:08:58 - [] ----D C:\ProgramData\SoiftCoUUp =>PUP.RandomName O43 - CFD: 26/04/2014 - 12:08:58 - [] ----D C:\ProgramData\ssaver box =>PUP.SaverBox O43 - CFD: 26/04/2014 - 12:08:58 - [] ----D C:\ProgramData\WPM =>PUP.WpManager O43 - CFD: 24/11/2013 - 18:13:37 - [] ----D C:\Users\Eric\AppData\Roaming\main ~ Program Folder: 136 Legitimates Filtered in 00mn 00s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 02/05/2014 - 20:49:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] O44 - LFC:[MD5.2FFC8D6475D45F08053CFB05CB134BDD] - 02/05/2014 - 22:02:58 ---A- . (...) -- C:\rapport Malwarebytes.txt [1230] O44 - LFC:[MD5.CD81F6DF96AC72F4C76ED554041BC9D7] - 23/04/2014 - 11:19:45 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [43520] =>Trojan.Staser ~ Files: 23 Legitimates Filtered in 00mn 08s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.D0216261724CE0CFD88A7610CBB9AFA6] - 16/03/2014 - 16:41:12 ---A- - C:\Windows\Prefetch\AMSETUP_ACTIVERIS_DEFAULT_TUG-20D4C386.pf =>PUP.Activeris O45 - LFCP:[MD5.BC77398299699FB64E0E980B60E0A6F5] - 05/03/2014 - 17:45:09 ---A- - C:\Windows\Prefetch\BUBBLE DOCK ADDONSUI.EXE-568B4238.pf =>PUP.BubbleDock O45 - LFCP:[MD5.67E50C7632EEEB4E2E89882B7695E508] - 09/03/2014 - 16:04:09 ---A- - C:\Windows\Prefetch\BUBBLE DOCK.EXE-AED9B86A.pf =>PUP.BubbleDock O45 - LFCP:[MD5.00B2C6323DF46BB6E3DE4B3A92A29C6F] - 19/03/2014 - 09:16:52 ---A- - C:\Windows\Prefetch\DESK365.EXE-F321E022.pf =>Hijacker.22Find O45 - LFCP:[MD5.6831A35D2C191CF5F70666A06BEF39E2] - 09/03/2014 - 15:04:09 ---A- - C:\Windows\Prefetch\IMINENT.MESSENGERS.EXE-C60CFCC2.pf =>Adware.IMBooster O45 - LFCP:[MD5.D92B4F15423B1A7D9F620526F173484A] - 02/05/2014 - 20:13:24 ---A- - C:\Windows\Prefetch\ISAFETHLP.EXE-FA2058E0.pf =>Trojan.Staser O45 - LFCP:[MD5.794E71B3F503EFAFB52761538286482E] - 22/03/2014 - 15:02:41 ---A- - C:\Windows\Prefetch\LOLLIPOP.EXE-97B81CA7.pf =>Adware.Lollipop O45 - LFCP:[MD5.153F462421E3D24B0D70CAE3D6368F47] - 09/03/2014 - 17:17:08 ---A- - C:\Windows\Prefetch\MYPC BACKUP.EXE-EFC95E5E.pf =>PUP.MyPCBackup O45 - LFCP:[MD5.E2DF2E5F132A241B0D760FC72E424706] - 16/03/2014 - 16:40:55 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-4ECB3878.pf =>PUP.OptimizerPro O45 - LFCP:[MD5.0739667891EB4414B58166FCEEF88496] - 26/04/2014 - 10:12:03 ---A- - C:\Windows\Prefetch\PLUS-HD-9.1-CHROMEINSTALLER.E-88F1C209.pf =>Adware.PlusHD O45 - LFCP:[MD5.1CF50D61DE1EF911D90D2CBF78300208] - 09/03/2014 - 17:04:51 ---A- - C:\Windows\Prefetch\SIGNUP WIZARD.EXE-F8807476.pf =>PUP.JDIBackup O45 - LFCP:[MD5.D749A3CA2310C13129D5AA0D332F137F] - 22/03/2014 - 09:52:27 ---A- - C:\Windows\Prefetch\UPFST_FR_118.EXE-EBC90B1C.pf =>Adware.FreeSoftToday ~ Prefetcher: 12 Legitimates Filtered in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{6db47ec1-11ad-11e3-be66-806e6f6e6963}\AutoRun\command. (.Macromedia, Inc. - Macromedia Projector.) -- E:\START.exe ~ Keys: Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 19 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 15 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:02/05/2014 - 20:49:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software O58 - SDL:02/05/2014 - 20:49:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software O58 - SDL:02/05/2014 - 20:49:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software O58 - SDL:23/04/2014 - 11:19:45 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [43520] =>Trojan.Staser O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960] O58 - SDL:13/12/2012 - 14:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784] ~ Drivers: 62 Legitimates Filtered in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 02/05/2014 - 09:25:32 ---A- . (...) -- C:\Users\Eric\Desktop\adwcleaner.exe [1310621] O61 - LFC: 26/04/2014 - 09:25:32 ---A- . (...) -- C:\Users\Eric\Downloads\mbam-setup-2.0.1.1004 (4).exe [17299776] O61 - LFC: 27/04/2014 - 09:25:31 ---A- . (...) -- C:\Users\Eric\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10237.bin [217776] ~ 466 Fichiers temporaires (Temporary files) ~ 48 Fichiers cookies (Cookies files) ~ Files: 16 Legitimates Filtered in 00mn 00s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- c:\program files (x86)\google\chrome\application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKUS\.DEFAULT] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar O69 - SBI: SearchScopes [HKUS\S-1-5-18] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar ~ Keys: Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.A8DDCC18FC3706A5752713E9CC05A0BD] [SPRF][02/05/2014] (...) -- C:\Users\Eric\Desktop\adwcleaner.exe [1310621] [MD5.FCA8974A8A7499A0966A38EF2CD8938E] [SPRF][17/07/2013] (...) -- C:\Users\Eric\Desktop\RogueKiller-8.6.3.exe [915968] ~ Files: 4 Legitimates Filtered in 00mn 00s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "098CCE33084C42149BB5AB630E521B02" . (.FrameFox Extensions 1.0.7.0.) -- C:\Windows\Installer\{33ECC890-C480-4124-B95B-BA36E025B120}\FrameFox.ico =>PUP.FrameFox O90 - PUC: "ADF563E0F909939438A862D14D868D26" . (.Boxore Client.) -- C:\Windows\Installer\{0E365FDA-909F-4939-838A-261DD468D862}\boxore.ico =>Adware.Boxore ~ Update Products: 2 Legitimates Filtered in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: Photos iCloud - {F0D63F85-37EC-4097-B30D-61B4A8917118} ~ MNS: 1 Legitimates Filtered in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.0A517BFDBF16092D7D813FAA69BB7F65] [WIS][09/02/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\164385b.msi [1712128] =>Adware.IncrediBar [MD5.5FF2B0F7835519063800D9F2DB535131] [WIS][08/01/2014] (.QwertyBox Team - FrameFox Extensions 1.0.7.0 Setup.) -- C:\Windows\Installer\1f208399.msi [417792] =>PUP.FrameFox [MD5.4AFAA1ED6A27FFEEE76EA2B7643B6309] [WIS][09/10/2013] (.DealPly Technologies Ltd - Google Update Helper.) -- C:\Windows\Installer\99c99.msi [40960] =>PUP.DealPly [MD5.2FC58F2FDDCCAC35B3133A1B10AB45B6] [WIS][11/12/2013] (.Kreapixel - Webplayer.) -- C:\Windows\Installer\da5e87.msi [21504] =>Adware.SocialSkinz ~ WIS: 4 Legitimates Filtered in 00mn 00s ---\\ Recherche de clés de registre Tracing (O100) HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.PUP.NewPlayer HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.PUP.NewPlayer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32 =>PUP.Activeris HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS =>PUP.Activeris HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASAPI32 =>Adware.PUP.NewPlayer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASMANCS =>Adware.PUP.NewPlayer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatebomlabio_RASAPI32 =>PUP.Bomlabio HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatebomlabio_RASMANCS =>PUP.Bomlabio HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilbomlabio_RASAPI32 =>PUP.Bomlabio HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilbomlabio_RASMANCS =>PUP.Bomlabio ~ BTK: 72 Legitimates Filtered in 00mn 00s ---\\ Recherche de clés de registre CLSID (O101) [HKCR\CLSID\{11111111-1111-1111-1111-110311531129}] (Pricora) =>Adware.Pricora [HKCR\CLSID\{11111111-1111-1111-1111-110411581120}] (weDownload) =>PUP.weDownloadManager [HKCR\CLSID\{22222222-2222-2222-2222-220322532229}] (CrossriderApp0035329.Sandbox) =>PUP.CrossRider [HKCR\CLSID\{22222222-2222-2222-2222-220422582220}] (CrossriderApp0045820.Sandbox) =>PUP.CrossRider ~ BCK: 4941 Legitimates Filtered in 00mn 03s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 02/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 05/10/2012 277024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe SS - | Auto 19/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 19/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Auto 18/01/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SS - | Auto 10/07/1658 0 | (vosr) . (...) - C:\Users\Eric\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 02/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 06/07/2010 188416 | (CanalPlus.VOD) . (.Canal+ Active.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe SR - | Auto 12/10/2011 109184 | (CxUtilSvc) . (.Conexant Systems, Inc..) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe SR - | Auto 12/11/2013 196616 | (DellDigitalDelivery) . (.Dell Products, LP..) - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe SR - | Auto 02/09/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 20/06/2012 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 19/07/2012 166720 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe SR - | Auto 19/07/2012 277824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SR - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe SR - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SR - | Auto 18/01/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 25/04/2012 254512 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe SR - | Auto 23/05/2013 1915480 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe SR - | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 19/07/2012 365376 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 19/06/2012 77824 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe ~ Services: Scanned in 00mn 04s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by Eric at 03/05/2014 09:25:49 ~ OS 64 not supported by MBR tool ~ MBR: 0 Legitimates Filtered in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Eric at 03/05/2014 09:25:51 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13045 - (01/05/2014) Clés trouvées (Keys found) : 178 Valeurs trouvées (Values found) : 3 Dossiers trouvés (Folders found) : 8 Fichiers trouvés (Files found) : 13 [HKLM\Software\Google\Chrome\Extensions\ebbijfohkliglklcbbpbblhdbomibgfn] =>PUP.Png2Image^ [HKLM\SYSTEM\CurrentControlSet\Services\vosr] =>Adware.Downware^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E365FDA-909F-4939-838A-261DD468D862}] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer] =>Adware.PUP.NewPlayer^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Elite Max_is1] =>PUP.OptimizerEliteMax^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{e4c7fad9-298d-49b1-a6d4-eb7be6204232}] =>Hijacker.SmartBar^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F750DB0E-D452-3108-63C9-FE16BC686741}] =>Adware.SocialSkinz^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster [HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311531129}] =>PUP.CrossRider [HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110411581120}] =>PUP.CrossRider [HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322532229}] =>PUP.CrossRider [HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422582220}] =>PUP.CrossRider [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0124B064795BB484FA494FC7CF204C0C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F8E7504D2D2644AB1185234D2AD5AC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04CDEDFDD6EF25443B78A49D1FE5B4F2] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\058911EBC07BAAE42B102E3F4B0D070D] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05CE306CC244D284D8D8090E404CD7D3] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\089527E77AD22E345B0066D226E44F46] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BD0B15D6F0C2BF428B339B2D2D732C9] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C1AAA506D92B2D44BD6FEF6CDFB71E1] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CAEC9AFF1716FF4DBACEED82F88C702] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DD4444CBC682774C8E573CC73C5BC46] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F68250201451D64EA71E91BA19832DC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\126FFC99A0F214F41AE2D6C7A0FC09BF] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F72EF2521177A4BB467FF35A881382] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14873772FE3926F4195C9280D52D3486] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14CF11D787D40BF458A3B5CB123733CE] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\163A5460E4FB18343B4C0B781B27E813] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1705977FCB2F22F4D8A9AB847C3FB9CE] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19F133B6A0BA9B14493CE47703DF4CF3] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C735C7A54F53574CA5AEA93D0D1F01E] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1CE2260B068265A488410CA171D93778] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DF1DD2609A2135479C19D72E41B64AA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F72D9058D0863E4F8EB9FE6E980C385] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2217D47FAFB0AC547820199B3A026CFB] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C5FD2815F5C7C4DB5F34F504BF9D96] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26CF57FC035624845B9005289DFA1448] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2719056FB4CDD294887140382819FFF7] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2956CB28F45AAF746998774B3C9FF012] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AD5E582EBA9ED54989A134D9250922B] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BB672F8D2CA64146B6688371E75C986] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA450B923F9C4D4BBEB203648FBFFDC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ECA942EFDBD22B4EBB7FE3AB9EDDBDD] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F055C41FDCA50A43BE42A96D243AD47] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F4EE319A22490145BC4AEBC53B616CA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31E430E345D85D54CA33BC88AEFDB9D8] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\358096DA35E67B5479C2E880DF0C10C1] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37345F678B330594E9E4AC16908F78CF] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38641BF101151094F86DD62B534BDEC4] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38762340C83E6764B87807B67154F5A4] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3984BAF27BDA0DC4D8AED19FCB64BD7D] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D82200490995CE42AB754DCD90AC44D] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E9F0E4315A35D741873885200C6A454] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F261C3E5AD56E54598E24B106813C7E] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40D753328E77EE842A82631EED62CEC5] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40FDEFB25883CF140B9B5F89CB7E2871] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\412179CD2126BB34CAE51691856A3D68] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43218F63264345445A73071C174FEEE8] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\439E8A02B7736CA488EECE28D7EE961A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\456D8CED0106E1649AE5CBD8082AC705] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\459277E8A0EE8894F9D7F807DF90506A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\463372A470C576443AE8802B1AC61D89] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48F13E425ECD5F243A8A82AA2B65336D] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B6F3AD0EE690D2478C7D0528AADF8C4] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BB9D431259E08A499469636383B9935] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D3B0714BC82B2340AB18C031262573D] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D5809867D6C1D14180511D3AAD03F79] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DB13DED48DC4494C90DE800D31B086C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\52C608FC2A61CCE479768A9719CABF7B] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56861F0CE995D0E45835F5D31E105D54] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58E44D082625757499995F9516313A9C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A52F724764B00747A637F14FBBBB830] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B19839CB98BB914BA43E863BBE11B4E] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\613DCE6E373581A40B6C88D4F7C09096] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6292C097F9759424BAFA3E32CD3DD562] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62C171206461ED34885A4AE095F4A7AC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\63E9F48D88AA940498502E29E3747471] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64747EAAAE2BA5141AEBCF4F6651A144] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6494B0B34076D6248B6E5F42E3252AD0] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6495111F730311440BBC3AAAF3B8C7AC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65273BD75ADFA9146A0950469941299A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6543EA2E8E729CF4789BCD7361D58C03] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\658DABBCADB609E429A6769C46FAADD0] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67A614CC45D7C5845BE2184211CC8F9C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B6581D2CF6BB444D8ACBF79E3AF425B] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0DB201BFD71284CB8CA279446863E8] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EA4E994723ECC940AE01A2507673199] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F2331E07AF9B414DB15E2E7BAB7F880] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F3E6739E6CECC64D9B7E5D24CF60746] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73268B3F6C2206C4BAF14E3C5B4BC494] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73D229597C7281E409FDEB3079E30E5A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75A49DF39158638428A0F7797D4CD1E6] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D223AE12684124794DD7D3FB067886] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76937F723CDCAB547A9791D60867A5B5] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78AD011E92C0B7D4A86E41451EC7A0F0] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79080E81959ECB54E9E7B3C67AE5781A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8B37070412F4D47895AA40EFC2E39A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F84DAA817EC0AB409DFE802184D5B09] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82F14F44AA63A5945A2E960EF018794E] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\831071FAC16E2DA4682F55E0B0DE6979] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83D0F8F1641145A42B26F71D534E9A34] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\84072C174C7F25148BFB33ADE8C704E1] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\872C7B3D2887D4E4EBF645D7AB9374D1] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C00987A23C36B145AB60EE274936EB3] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D736B12592E2E94094267BC5B7AA7EB] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F3E0221A8351144BB04AEF5266143CB] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90E77522D1656DA4DABC673942243B44] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\920219BD6C542544893D7ECFCB5E2B6B] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\939840D09446FFF459FA6CB4F03C38BE] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9459BDD3A7C686345A9B7A1AD1CC6BE4] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95AC1A94BAFFE3D41B23B2097BA8B190] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\983EBB458AA802846BBC74D26C3209C8] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD] =>Adware.Boxore^ C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebbijfohkliglklcbbpbblhdbomibgfn =>PUP.Png2Image^ C:\Program Files (x86)\weDownload =>PUP.weDownloadManager^ C:\ProgramData\less2pAy =>PUP.Less2Pay^ C:\ProgramData\Png2IMagae =>PUP.Png2Image^ C:\ProgramData\PriceDoownloaDEra =>PUP.PriceDownloader^ C:\ProgramData\SoiftCoUUp =>PUP.RandomName^ C:\ProgramData\ssaver box =>PUP.SaverBox^ C:\ProgramData\WPM =>PUP.WpManager^ C:\Windows\Tasks\PCHelpers1st.job =>PUP.OptimizerEliteMax^ C:\Windows\System32\Tasks\PCHelpers1st =>PUP.OptimizerEliteMax^ C:\Windows\Tasks\PCHelpers_period.job =>PUP.OptimizerEliteMax^ C:\Windows\System32\Tasks\PCHelpers_period =>PUP.OptimizerEliteMax^ [HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax^ C:\Windows\Installer\164385b.msi =>Adware.IncrediBar^ C:\Windows\Installer\1f208399.msi =>PUP.FrameFox^ C:\Windows\Installer\99c99.msi =>PUP.DealPly^ C:\Windows\Installer\da5e87.msi =>Adware.SocialSkinz^ [HKCR\CLSID\{11111111-1111-1111-1111-110311531129}] (Pricora) =>Adware.Pricora^ [HKCR\CLSID\{11111111-1111-1111-1111-110411581120}] (weDownload) =>PUP.weDownloadManager^ [HKCR\CLSID\{22222222-2222-2222-2222-220322532229}] (CrossriderApp0035329.Sandbox) =>PUP.CrossRider^ [HKCR\CLSID\{22222222-2222-2222-2222-220422582220}] (CrossriderApp0045820.Sandbox) =>PUP.CrossRider^ ~ Additionnel Scan: 262881 Items scanned in 00mn 15s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.webs.com/apps/blog/show/41694496-pup-png2image =>PUP.Png2Image http://nicolascoolman.webs.com/apps/blog/show/41695344-pup-optimizerelitemax =>PUP.OptimizerEliteMax http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup http://nicolascoolman.webs.com/apps/blog/show/26690384-adware-downware =>Adware.Downware http://nicolascoolman.webs.com/apps/blog/show/32930303-pup-wedownloadmanager =>PUP.weDownloadManager http://nicolascoolman.byethost7.com/wordpress/?p=90 =>Adware.Boxore http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager http://nicolascoolman.webs.com/apps/blog/show/32771797-trojan-staser =>Trojan.Staser http://nicolascoolman.webs.com/apps/blog/show/41903075-pup-activeris =>PUP.Activeris http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock =>PUP.BubbleDock http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find =>Hijacker.22Find http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro =>PUP.OptimizerPro http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD http://nicolascoolman.webs.com/apps/blog/show/33340107-adware-freesofttoday =>Adware.FreeSoftToday http://nicolascoolman.webs.com/apps/blog/show/32789922-pup-framefox =>PUP.FrameFox http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.IncrediBar http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly http://nicolascoolman.webs.com/apps/blog/show/33460217-pup-bomlabio =>PUP.Bomlabio http://nicolascoolman.webs.com/apps/blog/show/29294184-adware-pricora =>Adware.Pricora http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma ~ MSI: 26 link(s) detected in 00mn 00s ~ 688 Legitimates filtered by white list End of the scan (724 lines in 01mn 03s)(0)