Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ Rapport de ZHPDiag v2014.4.14.26 - Nicolas Coolman (14/04/2014)
~ Lancé par Elisa (15/04/2014 20:07:34)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16863 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : P7GBG
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.3.350
Pack Sécurité v1.77.243.0
Pack Sécurité v1.77.243.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Reader XI
Java 7 Update 51
---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3683 MB (28% free)
System Restore: Activé (Enable)
System drive C: has 486 GB (83%) free of 584 GB
---\\ Mode de connexion au système
~ Computer Name: TUC-TUC
~ User Name: Elisa
~ All Users Names: HomeGroupUser$, Elisa, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Elisa\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Elisa\AppData\Roaming\
~ %Desktop% : C:\Users\Elisa\Desktop\
~ %Favorites% : C:\Users\Elisa\Favorites\
~ %LocalAppData% : C:\Users\Elisa\AppData\Local\
~ %StartMenu% : C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 486 Go of 584 Go)
D: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.2B7920C7885AC45FD0E27DD860F095A1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/03/2014 - 01:08:30.) -- C:\Windows\System32\wininet.dll [2240000]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/694
~ Mes musiques (My Musics) : 1/305
~ Mes Favoris (My Favorites) : 1/73
~ Mes Documents (My Documents) : 2/286
~ Mon Bureau (My Desktop) : 2/557
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 06s
---\\ Processus lancés
[MD5.DEABB07BC9B0009D826D2CA04C43F90F] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe [4693792] [PID.117412] =>Toolbar.Conduit
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.115616]
[MD5.EFAAE131121B7AD73CBA0FECC0B5A277] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe [3037472] [PID.118268] =>Toolbar.Conduit
[MD5.7EB93B3B36AC201D0802970E21E3C016] - (...) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf_wd.exe [77312] [PID.117692] =>PUP.BlockAndSurf
[MD5.16DCC8ACC504A6662BB04A0ED9454A4D] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe [959808] [PID.118204]
[MD5.E8193C022C3D0C164FDD830ACC7745BE] - (.Revizer - BlockNSurf Tray Link.) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe [104448] [PID.118144] =>PUP.BlockAndSurf
[MD5.241B07FF7F5943B9C1BF3235F49AC1E1] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744] [PID.118936]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.117796]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.117800]
[MD5.A0F2C92F410EBAE832DFE507C7E4D6FA] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [188400] [PID.1984]
[MD5.9D8EE64F05FFCE71F410671F6FF0464F] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe [1142864] [PID.106048] =>P2P.BitTorrent
[MD5.534A3CB0847BA114F0D8A5F2BB2EF6D0] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [887432] [PID.44816]
[MD5.E4F6125ED5185F8FA37CC4F449B85526] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770608] [PID.120196]
[MD5.80B41038B3401916CDB91B5C30955571] - (.High-QualityV7 - HQVid1.9v4 exe.) -- C:\program files (x86)\hqvid1.9v4\hqvid1.9v4-bg.exe [523624] [PID.55880] =>PUP.CrossRider
[MD5.9625BE15F953113E5DF59BAC59859878] - (.Freeven - MediaPlayerplus exe.) -- C:\program files (x86)\mediaplayerplus\mediaplayerplus-bg.exe [519168] [PID.74784] =>PUP.CrossRider
[MD5.33D99B9EE34DED2A819AC99CC3E5C8A5] - (...) -- C:\ProgramData\HP Photo Creations\Communicator.exe [185920] [PID.57168]
[MD5.775DDB699B40C42E1BD799CC0EBF3528] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8215552] [PID.13300]
~ Processes Running: Scanned in 00mn 07s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js (.not file.)
C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\user.js
~ Firefox Browser: 0 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
~ IE Browser: 17 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0053172 [64Bits] - {11111111-1111-1111-1111-110511311172} . (.High-QualityV7 - HQVid1.9v4 BHO.) -- C:\Program Files (x86)\HQVid1.9v4\HQVid1.9v4-bho.dll =>PUP.CrossRider
O2 - BHO: CrossriderApp0054246 [64Bits] - {11111111-1111-1111-1111-110511421146} . (.Freeven - MediaPlayerplus BHO.) -- C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll =>PUP.CrossRider
O2 - BHO: iGraal BHO [64Bits] - {240373D3-4199-4F41-BB4D-15D5B830C82D} . (.iGraal - iGraal BHO.) -- C:\Program Files (x86)\iGraal\iGraalBHO.dll
O2 - BHO: mysearchdial Helper Object [64Bits] - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} . (.MySearchDial - Pas de description.) -- C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll =>Adware.MyWebSearch
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
~ BHO: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: iGraal Toolbar - [HKLM]{A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} . (...) -- C:\Program Files\iGraal\iGraalToolbar.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Activeris AntiMalware.lnk . (.Activeris - Activeris AntiMalware.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris
O4 - GS\Desktop [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Jeux.lnk . (...) -- C:\Program Files (x86)\bfgclient\bfgclient.exe
O4 - GS\Desktop [Public]: Jouer à Imperial Island - La Naissance d un Empire.lnk . (...) -- C:\Program Files (x86)\Imperial Island - La Naissance d un Empire\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Midnight Mysteries - Les Sorcieres d Abraham Edition Collector.lnk . (...) -- C:\Program Files (x86)\Midnight Mysteries - Les Sorcieres d Abraham Edition Collector\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Nearwood.lnk . (...) -- C:\Program Files (x86)\Nearwood\LaunchGame.bfg
O4 - GS\Desktop [Public]: Optimizer Elite Max.lnk . (.Viracure Limited - Optimizer Elite Max.) -- C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe =>PUP.OptimizerEliteMax
O4 - GS\Program [Public]: 123 Free Solitaire for Children.lnk . (...) -- C:\Program Files (x86)\123 Free Solitaire for Children\123FreeSolitaireForChildren.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Program [Public]: Free Spider Solitaire.lnk . (...) -- C:\Program Files (x86)\Free Spider Solitaire\FreeSpider.exe
O4 - GS\QuickLaunch [Elisa]: Bandizip.lnk . (.Bandisoft.com - Bandizip.) -- C:\Users\Elisa\AppData\Local\Bandizip\Bandizip64.exe
O4 - GS\QuickLaunch [Elisa]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\QuickLaunch [Elisa]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Elisa]: 123 Free Solitaire for Children.lnk . (...) -- C:\Program Files (x86)\123 Free Solitaire for Children\123FreeSolitaireForChildren.exe
O4 - GS\TaskBar [Elisa]: 3DBelote.lnk . (...) -- C:\Users\Elisa\Desktop\3DBELOTE\3DBelote.exe
O4 - GS\TaskBar [Elisa]: Bandizip64.exe.lnk . (.Bandisoft.com - Bandizip.) -- C:\Users\Elisa\AppData\Local\Bandizip\Bandizip64.exe
O4 - GS\TaskBar [Elisa]: Bel Atout.lnk . (...) -- C:\Program Files (x86)\Jeux de cartes\Bel Atout\belatout.exe
O4 - GS\TaskBar [Elisa]: Bo-Jong.lnk . (...) -- C:\Users\Elisa\Documents\Bo-Jong\Bo-Jong.exe
O4 - GS\TaskBar [Elisa]: Free Spider Solitaire.lnk . (...) -- C:\Program Files (x86)\Free Spider Solitaire\FreeSpider.exe
O4 - GS\TaskBar [Elisa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\TaskBar [Elisa]: Romi.lnk . (.Gérard Brochu - Romi.) -- C:\Users\Elisa\Documents\romi_romi_7.5_francais_10942\Romi.exe
O4 - GS\TaskBar [Elisa]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [Elisa]: Bookworm Deluxe.lnk . (...) -- C:\Users\Elisa\Desktop\Bookworm Deluxe[PC]\Bookworm Deluxe\Bookworm Deluxe.exe.exe
O4 - GS\Program [Elisa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\Desktop [Elisa]: 2014-02-18 tutelle papa - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutelle papa
O4 - GS\Desktop [Elisa]: 2014-02-18 tutellepapa2 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutellepapa2
O4 - GS\Desktop [Elisa]: AnyProtect.lnk . (.AnyProtect by CMI - AnyProtect.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.AnyProtect
O4 - GS\Desktop [Elisa]: Bandizip.lnk . (.Bandisoft.com - Bandizip.) -- C:\Users\Elisa\AppData\Local\Bandizip\Bandizip64.exe
O4 - GS\Desktop [Elisa]: Continuar la Instalacion de uTorrent.lnk . (...) -- C:\Users\Elisa\AppData\Local\Temp\ICReinstall_utorrent-3-3-2-build-30303-es-en-br-fr-de-it-cn-jp-ar-ru-win-setup.exe (.not file.) =>P2P.µTorrent
O4 - GS\Desktop [Elisa]: Continue VuuPC Installation.lnk . (...) -- C:\Users\Elisa\AppData\Local\Temp\ICReinstall_nsgC025.tmp \RR (.not file.) =>PUP.VuuPC
O4 - GS\Desktop [Elisa]: erdf papa 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-01-02 erdf papa\erdf papa 001.jpg
O4 - GS\Desktop [Elisa]: Farmington Tales.lnk . (...) -- C:\Zylom Games\Farmington Tales\Farmington Tales.exe
O4 - GS\Desktop [Elisa]: Favoris - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: Garou - Garou - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: Garou - Reviens - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: image (1) - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\image (1).jpeg
O4 - GS\Desktop [Elisa]: image (2) - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\image (2).jpeg
O4 - GS\Desktop [Elisa]: image (3) - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\image (3).jpeg
O4 - GS\Desktop [Elisa]: Images - Raccourci.lnk . (...) -- C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [Elisa]: IMG0002A - Raccourci.lnk . (...) -- E:\Images\IMG0002A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0003A - Raccourci.lnk . (...) -- E:\Images\IMG0003A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0004A - Raccourci.lnk . (...) -- E:\Images\IMG0004A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0005A - Raccourci.lnk . (...) -- E:\Images\IMG0005A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0006A - Raccourci.lnk . (...) -- E:\Images\IMG0006A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0007A - Raccourci.lnk . (...) -- E:\Images\IMG0007A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0008A - Raccourci.lnk . (...) -- E:\Images\IMG0008A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0009A - Raccourci.lnk . (...) -- E:\Images\IMG0009A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: les 100 plus belles chansons de noel - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: Lionel Richie - Can't Slow Down - 08 - Hello - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\Lionel Richie.Discographie Complete.21 Albums.(1982-2012).Mp3.320Kbps.Freek911\1983 - Lionel Richie - Can't Slow Down (1983)\Lionel Richie - Can't Slow Down - 08 - Hello.mp3
O4 - GS\Desktop [Elisa]: Lionel Richie - Dancing on the Ceiling - 08 - Say You, Say Me - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\Lionel Richie.Discographie Complete.21 Albums.(1982-2012).Mp3.320Kbps.Freek911\1986 - Lionel Richie - Dancing On The Ceiling (1986)\Lionel Richie - Dancing on the Ceiling - 08 - Say You, Say Me.mp3
O4 - GS\Desktop [Elisa]: notaire 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-14 notaire\notaire 001.jpg
O4 - GS\Desktop [Elisa]: Optimizer Pro.lnk - Clé orpheline =>PUP.OptimizerPro
O4 - GS\Desktop [Elisa]: photo - Raccourci (2).lnk . (...) -- C:\Users\Elisa\Desktop\photo.htm
O4 - GS\Desktop [Elisa]: photo - Raccourci.lnk . (...) -- C:\Users\Elisa\Desktop\photo.htm
O4 - GS\Desktop [Elisa]: photo2 - Raccourci (2).lnk . (...) -- C:\Users\Elisa\Desktop\photo2.htm
O4 - GS\Desktop [Elisa]: photo2 - Raccourci.lnk . (...) -- C:\Users\Elisa\Desktop\photo2.htm
O4 - GS\Desktop [Elisa]: Super TextTwist.lnk . (.GameHouse - Text Twist.) -- C:\Zylom Games\Super TextTwist\TextTwist.exe
O4 - GS\Desktop [Elisa]: Tino Rossi - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: tutelle 3 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutelle 3\tutelle 3 001.jpg
O4 - GS\Desktop [Elisa]: tutelle1 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutelle1\tutelle1 001.jpg
O4 - GS\Desktop [Elisa]: tutelle2 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutelle2\tutelle2 001.jpg
O4 - GS\Desktop [Elisa]: tutellepapa 1 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutellepapa 1\tutellepapa 1 001.jpg
O4 - GS\Desktop [Elisa]: tutellepapa2 001 - Raccourci (2).lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutellepapa2\tutellepapa2 001.jpg
O4 - GS\Desktop [Elisa]: tutellepapa2 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutellepapa2\tutellepapa2 001.jpg
O4 - GS\Desktop [Elisa]: VA - les plus belles chansons de noel - Raccourci (2).lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Elisa]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 109 Legitimates Filtered in 00mn 21s
---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [Elisa]: Alertes de surveillance de l'encre - HP Deskjet 1050 J410 series (Copie 1).lnk . (.Hewlett-Packard Co. - Print Driver Status Business Logic.) -- C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SRS Premium Sound HD] . (.SRS Labs, Inc. - SRS Control Panel.) -- C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O4 - HKLM\..\Run: [TecoResident] . (.TOSHIBA Corporation - Resident module of eco Utility.) -- C:\Program Files\TOSHIBA\Teco\TecoResident.exe
O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O4 - HKLM\..\Run: [TODDMain] . (.Pas de propriétaire - TOSHIBA System Settings Service.) -- C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [BlockNSurf] . (.Revizer - BlockNSurf Tray Link.) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe =>PUP.BlockAndSurf
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(R) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [TPUReg] . (.Pegatron Corporation - TOSHIBA Password Utility.) -- C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe (.not file.)
O4 - HKLM\..\Wow6432Node\RunOnce: [RAInstaller C:\Users\Elisa\zylom\Nightmares from the Deep - The Cursed Heart Premium Edition] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2205263597-2392721365-670168616-1001\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-2205263597-2392721365-670168616-1001\..\Run: [BlockNSurf] . (.Revizer - BlockNSurf Tray Link.) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe =>PUP.BlockAndSurf
~ Application: Scanned in 00mn 01s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: iGraal [64Bits] - {0FB6492F-7FED-4446-9863-992806E1C419} . (...) -- C:\Program Files\iGraal\iGraalButton.dll
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E29427F-1120-4AC5-B6CF-D51256789249}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A50C25A4-B12F-4DC5-A63F-CAC9EDD3FE09}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{7E29427F-1120-4AC5-B6CF-D51256789249}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A50C25A4-B12F-4DC5-A63F-CAC9EDD3FE09}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll =>Toolbar.Conduit
~ AppInit DLL: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: BlockAndSurf (BlockAndSurf) . (...) - C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.exe =>PUP.BlockAndSurf
O23 - Service: Search Protect by Conduit Service (CltMngSvc) . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit
O23 - Service: Service Software Update (Software_update) (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: Service Component of VO (vosr) . (...) - C:\Users\Elisa\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
~ Services: 19 Legitimates Filtered in 00mn 36s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-1.job [1354]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-2.job [1356]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-3.job [2788]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-4.job [2380]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-5.job [1348]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job [1446]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.job [1430]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job [3136]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job [2184]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.job [1422]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\APSnotifierPP1.job [380] =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\APSnotifierPP2.job [378] =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\BlockAndSurf Update.job [420] =>PUP.BlockAndSurf
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\BlockAndSurf_wd.job [424] =>PUP.BlockAndSurf
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\MySearchDial.job [308] =>Adware.MyWebSearch
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCHelpers1st.job [316] =>PUP.OptimizerEliteMax
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCHelpers_period.job [316] =>PUP.OptimizerEliteMax
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [928]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [932]
[MD5.3ACB33C87B2B2E2430E2A41C0DF469E7] [APT] [22ce1643-98ba-4b64-a980-c2aab93c58af-1] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\HQVid1.9v4-codedownloader.exe [482152] =>PUP.CrossRider
[MD5.8D8CAB5AF4A8A1B36BACD7820B9B84F0] [APT] [22ce1643-98ba-4b64-a980-c2aab93c58af-2] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-2.exe [338280] =>PUP.CrossRider
[MD5.E8428A11ADA2BDF4F4673840F7A1BA23] [APT] [22ce1643-98ba-4b64-a980-c2aab93c58af-3] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-3.exe [1865576] =>PUP.CrossRider
[MD5.F39C5FA99EF4A47E604A243E279824C4] [APT] [22ce1643-98ba-4b64-a980-c2aab93c58af-4] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-4.exe [801128] =>PUP.CrossRider
[MD5.7AE80F34C915088B02B217CBF0628DC2] [APT] [84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [477696] =>PUP.CrossRider
[MD5.118177E5B291636A0BECF5419332CD17] [APT] [84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.exe [333824] =>PUP.CrossRider
[MD5.66AA123CBF19E49E848BEA06AFC3FB0F] [APT] [84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.exe [1861120] =>PUP.CrossRider
[MD5.4184A2D4B32AAD4BE8A6A928241F46CD] [APT] [84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.exe [796672] =>PUP.CrossRider
[MD5.33BC945C2FF6C2EA9E6B11E2733F5915] [APT] [APSnotifierPP1] (.AnyProtect by CMI.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [21697536] =>PUP.AnyProtect
[MD5.C16AEA09E281B2F36D9CD244EA09385F] [APT] [BlockAndSurf Update] (...) -- C:\Program Files (x86)\BlockAndSurf Corp\BnSup.exe [385024] =>PUP.BlockAndSurf
[MD5.7EB93B3B36AC201D0802970E21E3C016] [APT] [BlockAndSurf_wd] (...) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf_wd.exe [77312] =>PUP.BlockAndSurf
[MD5.6611F0E57AA3223FA798BE3F6D1DF458] [APT] [MySearchDial] (...) -- C:\Users\Elisa\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.exe [104960] =>Adware.MyWebSearch
[MD5.1266DD45E1F59C82AADDF81418E471D3] [APT] [PCHelpers1st] (.Viracure Limited.) -- C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe [4135272] =>PUP.OptimizerEliteMax
[MD5.1266DD45E1F59C82AADDF81418E471D3] [APT] [PCHelpers_period] (.Viracure Limited.) -- C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe [4135272] =>PUP.OptimizerEliteMax
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.8D8CAB5AF4A8A1B36BACD7820B9B84F0] [APT] [temp_22ce1643-98ba-4b64-a980-c2aab93c58af-2] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-2.exe [338280] =>PUP.CrossRider
[MD5.118177E5B291636A0BECF5419332CD17] [APT] [temp_84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.exe [333824] =>PUP.CrossRider
[MD5.8AE13B97BFCAD6C7D3B8C8A1C298EFB4] [APT] [{EC22262C-BE22-4C13-BDD3-1053C49C80B9}] (...) -- C:\Program Files (x86)\ZHPDiag\unins000.exe [694736]
~ Scheduled Task: 61 Legitimates Filtered in 00mn 40s
---\\ Logiciels installés (O42)
O42 - Logiciel: Activeris AntiMalware - (.Activeris.) [HKLM][64Bits] -- 94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1 =>PUP.Activeris
O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect =>PUP.AnyProtect
O42 - Logiciel: Art Mahjongg Egypt - (...) [HKLM][64Bits] -- BFG-Art Mahjongg Egypt
O42 - Logiciel: BlockAndSurf - (.BlockAndSurf software.) [HKLM][64Bits] -- f2d51b4c-2921-4a51-a0e0-efc3cbf492b8 =>PUP.BlockAndSurf
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {0E365FDA-909F-4939-838A-261DD468D862} =>Adware.Boxore
O42 - Logiciel: HQVid1.9v4 - (.High-QualityV7.) [HKLM][64Bits] -- HQVid1.9v4 =>PUP.CrossRider
O42 - Logiciel: Imperial Island: La Naissance d'un Empire - (...) [HKLM][64Bits] -- BFG-Imperial Island - La Naissance d un Empire
O42 - Logiciel: Mysearchdial - (.Mysearchdial.) [HKLM][64Bits] -- mysearchdial =>Adware.MyWebSearch
O42 - Logiciel: Optimizer Elite Max - (.Viracure Limited.) [HKLM][64Bits] -- Optimizer Elite Max_is1 =>PUP.OptimizerEliteMax
O42 - Logiciel: Search Protect - (.Conduit.) [HKLM][64Bits] -- SearchProtect =>Toolbar.Conduit
O42 - Logiciel: VO Package - (...) [HKLM][64Bits] -- VOPackage =>Adware.Downware
O42 - Logiciel: webssearches uninstaller - (.webssearches.) [HKLM][64Bits] -- webssearches uninstaller
~ Logic: 71 Legitimates Filtered in 00mn 04s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Activeris] =>PUP.Activeris
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\Delta]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\TPUKey]
[HKCU\Software\TutoTag] =>AgenceExclusive
[HKCU\Software\Tutorials] =>AgenceExclusive
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris
[HKLM\Software\Wow6432Node\Delta]
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\Tutorials] =>AgenceExclusive
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday
[HKLM\Software\Wow6432Node\iGraal]
[HKLM\Software\iGraal]
~ Key Software: 371 Legitimates Filtered in 00mn 04s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/04/2014 - 13:04:57 - [17,594] ----D C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris
O43 - CFD: 14/04/2014 - 03:30:48 - [20,759] ----D C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 12/01/2014 - 22:00:39 - [131,842] ----D C:\Program Files (x86)\Art Mahjongg Egypt
O43 - CFD: 14/04/2014 - 03:30:05 - [1,605] ----D C:\Program Files (x86)\BlockAndSurf Corp =>PUP.BlockAndSurf
O43 - CFD: 11/04/2014 - 15:20:48 - [0] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
O43 - CFD: 02/10/2013 - 13:28:18 - [0] ----D C:\Program Files (x86)\Delta
O43 - CFD: 10/04/2014 - 13:07:31 - [7,917] ----D C:\Program Files (x86)\HQVid1.9v4 =>PUP.CrossRider
O43 - CFD: 18/01/2014 - 19:36:22 - [4,831] ----D C:\Program Files (x86)\iGraal
O43 - CFD: 18/01/2014 - 22:08:08 - [296,081] ----D C:\Program Files (x86)\Imperial Island - La Naissance d un Empire
O43 - CFD: 14/04/2014 - 03:29:54 - [3,010] ----D C:\Program Files (x86)\Mysearchdial =>Adware.MyWebSearch
O43 - CFD: 10/04/2014 - 13:04:27 - [5,633] ----D C:\Program Files (x86)\Optimizer Elite Max =>PUP.OptimizerEliteMax
O43 - CFD: 10/04/2014 - 13:04:56 - [0,036] ----D C:\ProgramData\Activeris =>PUP.Activeris
O43 - CFD: 11/04/2014 - 07:15:46 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 03/11/2013 - 17:37:44 - [0,001] ----D C:\ProgramData\Once Upon a Time in Chicago
O43 - CFD: 14/01/2014 - 21:58:28 - [1,183] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 10/04/2014 - 13:05:58 - [0,012] ----D C:\Users\Elisa\AppData\Roaming\Activeris =>PUP.Activeris
O43 - CFD: 26/10/2013 - 21:17:45 - [0,058] ----D C:\Users\Elisa\AppData\Roaming\CaribbeanJewel
O43 - CFD: 18/01/2014 - 21:59:23 - [0,001] ----D C:\Users\Elisa\AppData\Roaming\HotLava
O43 - CFD: 05/09/2013 - 20:42:04 - [0,002] ----D C:\Users\Elisa\AppData\Roaming\island_tribe_4_bfg_fr
O43 - CFD: 06/12/2013 - 22:16:12 - [0,001] ----D C:\Users\Elisa\AppData\Roaming\Laruaville
O43 - CFD: 02/01/2014 - 21:59:52 - [0,642] ----D C:\Users\Elisa\AppData\Roaming\Mind Elevator Games
O43 - CFD: 14/04/2014 - 03:29:57 - [0,100] ----D C:\Users\Elisa\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 03/11/2013 - 17:38:59 - [0,002] ----D C:\Users\Elisa\AppData\Roaming\Once upon a time in Chicago
O43 - CFD: 11/04/2014 - 11:00:04 - [0] ----D C:\Users\Elisa\AppData\Roaming\Optimizer Elite Max =>PUP.OptimizerEliteMax
O43 - CFD: 12/11/2013 - 21:51:57 - [0,027] ----D C:\Users\Elisa\AppData\Roaming\Saved Games
O43 - CFD: 10/04/2014 - 13:05:42 - [0,781] ----D C:\Users\Elisa\AppData\Roaming\VOPackage =>Adware.Downware
O43 - CFD: 10/04/2014 - 13:05:27 - [0,643] ----D C:\Users\Elisa\AppData\Roaming\webssearches
O43 - CFD: 14/04/2014 - 03:30:49 - [0,002] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect
O43 - CFD: 12/01/2014 - 21:59:40 - [0,003] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Art Mahjongg Egypt
O43 - CFD: 18/01/2014 - 19:36:23 - [0,001] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iGraal
O43 - CFD: 18/01/2014 - 22:06:52 - [0,004] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperial Island - La Naissance d un Empire
O43 - CFD: 10/04/2014 - 13:05:42 - [0,002] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware
~ Program Folder: 244 Legitimates Filtered in 01mn 15s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.110BEF03ACD02079B62CD8B99DD8604B] - 10/04/2014 - 12:04:50 ---A- . (...) -- C:\Windows\System32\acrisnative64.exe [20480]
O44 - LFC:[MD5.110BE5198A63D3FF3CE9C30F1DC12EC3] - 11/04/2014 - 21:06:24 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386722]
~ Files: 43 Legitimates Filtered in 01mn 49s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.235F99E407F8A6679861E7405C8FF8BB] - 10/04/2014 - 12:04:21 ---A- - C:\Windows\Prefetch\FREESOFTTODAY.TMP-187E5FBB.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.59DF8C72024E2D1BA0CDECCB1BEA91A6] - 10/04/2014 - 12:04:27 ---A- - C:\Windows\Prefetch\OPTIMIZER_PRO.TMP-C91C1B51.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.421CB66DAADA04D190B6E4500405E8FF] - 10/04/2014 - 12:05:02 ---A- - C:\Windows\Prefetch\AMSETUP_ACTIVERIS_DEFAULT_010-F49BCD0E.pf =>PUP.Activeris
O45 - LFCP:[MD5.E2BA0F6032595691D457EDD89C8C124C] - 10/04/2014 - 12:05:02 ---A- - C:\Windows\Prefetch\ICAJSLHPSZG.EXE-9F1270B5.pf
O45 - LFCP:[MD5.1AD5EE2121D843F9387BD007B66E3943] - 10/04/2014 - 12:05:02 ---A- - C:\Windows\Prefetch\VFFVX.EXE-4151B401.pf
O45 - LFCP:[MD5.40865C4170741102385527AB0C52D41B] - 10/04/2014 - 12:06:50 ---A- - C:\Windows\Prefetch\NSG3D5.TMP.EXE-A5974BD0.pf
O45 - LFCP:[MD5.32C54C56D6BAB15C646922AD310E4B89] - 10/04/2014 - 12:06:50 ---A- - C:\Windows\Prefetch\NSQC6D5.TMP-7EA83610.pf
O45 - LFCP:[MD5.990B274205343AB139B2A66E859DC3FE] - 10/04/2014 - 12:27:12 ---A- - C:\Windows\Prefetch\ANYPROTECT.EXE-53752276.pf =>PUP.AnyProtect
O45 - LFCP:[MD5.C828180C10AB5ED28267BC77436ABD41] - 10/04/2014 - 12:45:52 ---A- - C:\Windows\Prefetch\NSMC6BB.TMP-5178A8C3.pf
O45 - LFCP:[MD5.FB5435CA487A44AAD13FB02D9F45D4F0] - 11/04/2014 - 06:14:58 ---A- - C:\Windows\Prefetch\MAJFSTFR.TMP-09F213F8.pf
O45 - LFCP:[MD5.15760F424C0936636AC63BE3F62FD8BB] - 11/04/2014 - 06:15:44 ---A- - C:\Windows\Prefetch\PACKAGE_BUENO_OFFER_MULTILANG-84894552.pf
O45 - LFCP:[MD5.8EA958F977DB614E78F9B025DDE91AD2] - 11/04/2014 - 06:15:52 ---A- - C:\Windows\Prefetch\PACKAGE_BUENO_INSTALLER_MULTI-C79AB722.pf
O45 - LFCP:[MD5.20221856C273840823664CAFE6610FF2] - 11/04/2014 - 06:16:07 ---A- - C:\Windows\Prefetch\MYBUENOTB.EXE-9B17B13B.pf
O45 - LFCP:[MD5.EA87DD09585CBE1F74ED2F6062A1C540] - 11/04/2014 - 10:33:44 ---A- - C:\Windows\Prefetch\FST_FR_134.EXE-0EA41039.pf =>PUA.FSTfr9
O45 - LFCP:[MD5.A72BBCDA1759AD0226AD3F50A7678137] - 11/04/2014 - 12:39:09 ---A- - C:\Windows\Prefetch\UPFST_FR_134.EXE-2444B142.pf =>PUA.FSTfr9
O45 - LFCP:[MD5.0BF8B5A2B1DA3451907EFFE138149BD4] - 11/04/2014 - 14:31:18 ---A- - C:\Windows\Prefetch\RELPOST.EXE-AC41CDAF.pf
O45 - LFCP:[MD5.BE93BE4DE625715C943A1896238589C5] - 13/04/2014 - 12:49:54 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.74868BF86E6EBA5D5629376A6C74181D] - 14/04/2014 - 02:28:41 ---A- - C:\Windows\Prefetch\NSTBD7A.TMP-FD6E115B.pf
O45 - LFCP:[MD5.D00568EE57B510338AF73C0C91504398] - 14/04/2014 - 02:29:49 ---A- - C:\Windows\Prefetch\NSOCB8E.TMP.EXE-992BF126.pf
O45 - LFCP:[MD5.54B1D910760EAAC8FB894CDA226B02DE] - 14/04/2014 - 02:29:52 ---A- - C:\Windows\Prefetch\NSZD714.TMP.EXE-1B265A03.pf
O45 - LFCP:[MD5.DDFD733A8E71F41C019C5C0148D1331B] - 14/04/2014 - 20:53:44 ---A- - C:\Windows\Prefetch\BANDIZIP64.EXE-B896758F.pf
O45 - LFCP:[MD5.298DCF133AB1E7DDA40F69222D6AE3A3] - 15/04/2014 - 06:07:26 ---A- - C:\Windows\Prefetch\CLTMNGUI.EXE-8AC9A995.pf
O45 - LFCP:[MD5.A24FFEE3254E6156FA19CF1115CDD668] - 15/04/2014 - 06:07:38 ---A- - C:\Windows\Prefetch\BLOCKANDSURF_WD.EXE-33BF3845.pf =>PUP.BlockAndSurf
O45 - LFCP:[MD5.B37E3D92032030646DB515153623A515] - 15/04/2014 - 06:07:39 ---A- - C:\Windows\Prefetch\BNSUP.EXE-2100DB8D.pf
O45 - LFCP:[MD5.E74291B8A7998401307B70DCB6146509] - 15/04/2014 - 06:08:08 ---A- - C:\Windows\Prefetch\TOASTNOTIFIER.EXE-271D6148.pf
O45 - LFCP:[MD5.233DCDE9470D6353BD1568BAB60741EB] - 15/04/2014 - 08:04:28 ---A- - C:\Windows\Prefetch\CLTMNG.EXE-C60707AC.pf
O45 - LFCP:[MD5.0B738F280421CA748826A13F64C5B075] - 15/04/2014 - 08:04:47 ---A- - C:\Windows\Prefetch\BLOCKANDSURF158.EXE-A49BB469.pf =>PUP.BlockAndSurf
O45 - LFCP:[MD5.555AD50BD2EFCC20DF10E4633E1105E5] - 15/04/2014 - 08:04:55 ---A- - C:\Windows\Prefetch\BLOCKNSURF.EXE-21D8C53A.pf =>PUP.BlockAndSurf
O45 - LFCP:[MD5.8C4CB2C2AAC94D88D98181A3901DFCBF] - 15/04/2014 - 10:00:13 ---A- - C:\Windows\Prefetch\OPTIMIZER ELITE MAX.EXE-FAB4A2FB.pf =>PUP.OptimizerEliteMax
O45 - LFCP:[MD5.F0A61115655CB0B42BD1E75CDE3C12C5] - 15/04/2014 - 12:10:27 ---A- - C:\Windows\Prefetch\SOFTWARECRASHHANDLER.EXE-5F240164.pf
O45 - LFCP:[MD5.5CCA4D6069B1A3366C3DA64BABE9A81F] - 15/04/2014 - 14:10:11 ---A- - C:\Windows\Prefetch\BO-JONG.EXE-B40F28DB.pf
O45 - LFCP:[MD5.A2F3EFDA6F5BC780A00B7D27EA6C9CF7] - 15/04/2014 - 14:21:46 ---A- - C:\Windows\Prefetch\FREESPIDER.EXE-0C6A8E81.pf
O45 - LFCP:[MD5.E42D88288870713DE02867FB953724DD] - 15/04/2014 - 15:29:03 ---A- - C:\Windows\Prefetch\UPDATE~1.EXE-23278905.pf
O45 - LFCP:[MD5.76E3E8436F54D2E4C627378547EB9E10] - 15/04/2014 - 17:05:47 ---A- - C:\Windows\Prefetch\HQVID1.9V4-BG.EXE-5A797215.pf =>PUP.CrossRider
O45 - LFCP:[MD5.F64484369AE48DAE57BD70EA026FFC21] - 15/04/2014 - 17:05:47 ---A- - C:\Windows\Prefetch\MEDIAPLAYERPLUS-BG.EXE-EA87D0B3.pf =>PUP.CrossRider
O45 - LFCP:[MD5.D5CBF12166B2CE819ABB7CB8E4CCC03C] - 15/04/2014 - 18:05:07 ---A- - C:\Windows\Prefetch\84FEC6D9-2FF8-4DF1-AF03-941A4-95A0062B.pf
O45 - LFCP:[MD5.E1A0DAF113A4EC65F866D1EB999F161D] - 15/04/2014 - 18:05:08 ---A- - C:\Windows\Prefetch\22CE1643-98BA-4B64-A980-C2AAB-97F2B639.pf
O45 - LFCP:[MD5.C7252DB153128BE6533A99DB172DE8A7] - 15/04/2014 - 18:05:12 ---A- - C:\Windows\Prefetch\22CE1643-98BA-4B64-A980-C2AAB-AB4870BE.pf
O45 - LFCP:[MD5.F31C0EA32D56F65F4EE8E122D2239B8A] - 15/04/2014 - 18:05:12 ---A- - C:\Windows\Prefetch\84FEC6D9-2FF8-4DF1-AF03-941A4-824A4BA6.pf
O45 - LFCP:[MD5.0A28FCFECF0979F32CB71CB950DA4412] - 15/04/2014 - 18:07:03 ---A- - C:\Windows\Prefetch\22CE1643-98BA-4B64-A980-C2AAB-849CFBB4.pf
O45 - LFCP:[MD5.AA89573EC30F1B1F63A3F8831661B2C8] - 15/04/2014 - 18:07:03 ---A- - C:\Windows\Prefetch\84FEC6D9-2FF8-4DF1-AF03-941A4-6EF49121.pf
O45 - LFCP:[MD5.C21B412EE5207D35CAE3D3B7D9E9DFB6] - 15/04/2014 - 18:08:23 ---A- - C:\Windows\Prefetch\MEDIAPLAYERPLUS-CODEDOWNLOADE-DD2EDCB8.pf =>PUP.CrossRider
O45 - LFCP:[MD5.C32091B81E7A1E28D31775C70BBBE86B] - 15/04/2014 - 18:14:37 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-CA6FE474.pf
O45 - LFCP:[MD5.FBB6C5BC3FE3E6ABB4845AAE901AB591] - 15/04/2014 - 18:15:17 ---A- - C:\Windows\Prefetch\VOPACKAGE.EXE-6E13F4BF.pf =>Adware.Downware
O45 - LFCP:[MD5.419A8C19720C9B0BEDAECC94149BEBA9] - 15/04/2014 - 18:15:44 ---A- - C:\Windows\Prefetch\NSGC025.TMP-EC820B96.pf
O45 - LFCP:[MD5.06157C7B8EF909F0CE96DAC317C232B9] - 24/03/2014 - 10:51:32 ---A- - C:\Windows\Prefetch\123FREESOLITAIREFORCHILDREN.E-E0054983.pf
~ Prefetcher: 46 Legitimates Filtered in 00mn 02s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2E83D2621E87C493AB45DC6655BA77D4] - 17/08/2013 - 06:29:55 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:[MD5.A5F29AC2F0ADE8B995B49D7350CE3AC0] - 17/08/2013 - 06:29:56 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
O58 - SDL:[MD5.E86C64478D9A90D62255FE9EB0150C6E] - 17/08/2013 - 06:29:56 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175]
O58 - SDL:[MD5.E428DFFA96FAD07D8CA3C9082563A225] - 20/08/2013 - 06:02:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103576]
O58 - SDL:[MD5.AAF6F247F1DC370C593B4430974EAD9C] - 20/08/2013 - 06:02:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:[MD5.3248B5CC4AA7942EE7BC26F1EB00210B] - 20/08/2013 - 06:02:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudserd.sys [204568]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:[MD5.16E745743BABAF480B7718442F38B076] - 31/07/2012 - 20:28:54 ---A- . (.Windows (R) Win 7 DDK provider - Toshiba Hotkey Driver.) -- C:\Windows\System32\Drivers\Thotkey.sys [28632]
O58 - SDL:[MD5.A83B43AC95F83940E6AE0FB4023602B2] - 31/12/2013 - 16:47:28 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [41024]
~ Drivers: 19 Legitimates Filtered in 00mn 02s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 14/04/2014 - 20:13:48 ---A- . (...) -- C:\Users\Elisa\AppData\Local\SearchProtect\UI\rep\UIRepository.dat [12430] =>Toolbar.Conduit
O61 - LFC: 14/04/2014 - 20:13:55 ---A- . (...) -- C:\Users\Elisa\AppData\Roaming\mysearchdial\UpdateProc\info.dat [55] =>Adware.MyWebSearch
O61 - LFC: 14/04/2014 - 20:13:56 ---A- . (...) -- C:\Users\Elisa\AppData\Roaming\WB.CFG [41]
O61 - LFC: 14/04/2014 - 20:14:09 ---A- . (...) -- C:\Users\Elisa\Links\Desktop.lnk [486]
O61 - LFC: 14/04/2014 - 20:14:09 ---A- . (...) -- C:\Users\Elisa\Links\Downloads.lnk [937]
O61 - LFC: 14/04/2014 - 20:14:09 ---A- . (...) -- C:\Users\Elisa\Links\RecentPlaces.lnk [383]
O61 - LFC: 15/04/2014 - 20:13:48 ---A- . (...) -- C:\Users\Elisa\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat [104606] =>Toolbar.Conduit
O61 - LFC: 15/04/2014 - 20:13:48 ---A- . (...) -- C:\Users\Elisa\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat [1954] =>Toolbar.Conduit
O61 - LFC: 15/04/2014 - 20:13:51 ---A- . (...) -- C:\Users\Elisa\AppData\Roaming\Borak.Bo-Jong.Pref [73]
O61 - LFC: 15/04/2014 - 20:14:02 R--A- . (...) -- C:\Users\Elisa\Downloads\Indila - Mini World (Deluxe Edition 2014)\.MD5 [1742]
O61 - LFC: 15/04/2014 - 20:14:02 R--A- . (...) -- C:\Users\Elisa\Downloads\Indila - Mini World (Deluxe Edition 2014)\.m3u [1658]
O61 - LFC: 15/04/2014 - 20:14:02 R--A- . (...) -- C:\Users\Elisa\Downloads\Indila - Mini World (Deluxe Edition 2014)\.pls [2114]
O61 - LFC: 15/04/2014 - 20:14:03 -SHA- . (...) -- C:\Users\Elisa\Downloads\Indila - Mini World (Deluxe Edition 2014)\Thumbs.db [16384]
~ Files: 109 Legitimates Filtered in 00mn 42s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Bueno Search) - http://www.buenosearch.com =>PUP.BuenoSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (webssearches) - http://istart.webssearches.com =>Hijacker.WebsSearches
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} [DefaultScope] - (Conduit Search) - http://search.conduit.com
~ Keys: Scanned in 00mn 00s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "ADF563E0F909939438A862D14D868D26" . (.Boxore Client.) -- C:\windows\Installer\{0E365FDA-909F-4939-838A-261DD468D862}\boxore.ico =>Adware.Boxore
O90 - PUC: "C6AC1163ACF500943A92A6111832CCCF" . (.Bing Bar.) -- C:\windows\Installer\{3611CA6C-5FCA-4900-A329-6A118123CCFC}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 68 Legitimates Filtered in 00mn 00s
---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32 =>Adware.BrowseFox
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS =>Adware.BrowseFox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
~ BTK: 83 Legitimates Filtered in 00mn 00s
---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{11111111-1111-1111-1111-110511311172}] (HQVid1.9v4) =>PUP.CrossRider
[HKCR\CLSID\{11111111-1111-1111-1111-110511421146}] (MediaPlayerplus) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220522312272}] (CrossriderApp0053172.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220522422246}] (CrossriderApp0054246.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4925 Legitimates Filtered in 00mn 22s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 13/03/2014 1017424 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
SS - | Demand 23/07/2013 240288 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe =>Toolbar.Bing
SS - | Demand 10/07/1658 0 | (FSMA) . (...) - C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 03/03/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/03/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/03/2014 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 10/04/2014 119408 | (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 10/04/2014 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 04/01/2013 116240 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe =>.Toshiba Corporation
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 08/08/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 13/03/2014 440400 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 13/03/2014 440400 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 23/07/2013 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe =>Toolbar.Bing
SR - | Auto 14/04/2014 143360 | (BlockAndSurf) . (...) - C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.exe =>PUP.BlockAndSurf
SR - | Auto 08/04/2014 2470688 | (CltMngSvc) . (.Conduit.) - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit
SR - | Auto 18/01/2013 188400 | (fshoster) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
SR - | Auto 31/12/2013 60352 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe
SR - | Auto 07/10/2013 240736 | (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
SR - | Auto 13/10/2011 156672 | (GFNEXSrv) . (...) - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 27/03/2014 581568 | (ogmservice) . (.RealNetworks, Inc..) - C:\Program Files (x86)\Online Games Manager\ogmservice.exe
SR - | Auto 05/12/2012 201872 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Demand 27/07/2012 53384 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.Toshiba Corporation
SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 25/08/2012 291240 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Teco\TecoService.exe =>.Toshiba Corporation
SR - | Demand 28/07/2012 458152 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
SR - | Auto 08/04/2014 355328 | (vosr) . (...) - C:\Users\Elisa\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 26s
---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Elisa at 15/04/2014 20:18:38
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : 13044 - (14/04/2014)
Clés trouvées (Keys found) : 263
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 19
Fichiers trouvés (Files found) : 51
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511311172}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}] =>Adware.MyWebSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\BlockAndSurf] =>PUP.BlockAndSurf^
[HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc] =>Toolbar.Conduit^
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update) (Software_update] =>Adware.Boxore^
[HKLM\SYSTEM\CurrentControlSet\Services\vosr] =>Adware.Downware^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1] =>PUP.Activeris^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect] =>PUP.AnyProtect^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\f2d51b4c-2921-4a51-a0e0-efc3cbf492b8] =>PUP.BlockAndSurf^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E365FDA-909F-4939-838A-261DD468D862}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HQVid1.9v4] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Elite Max_is1] =>PUP.OptimizerEliteMax^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage] =>Adware.Downware^
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{6deee498-08cc-43f0-bca0-dbb5a25c9501}] =>Trojan.FakeAlert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}] =>Trojan.FakeAlert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}] =>Trojan.FakeAlert
[HKLM\Software\Classes\CLSID\{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}] =>Trojan.FakeAlert
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}] =>Adware.MyWebSearch
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASAPI32] =>Adware.BrowseFox
[HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASMANCS] =>Adware.BrowseFox
[HKLM\Software\Classes\CrossriderApp0053172.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0053172.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0053172.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0053172.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0054246.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0054246.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0054246.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0054246.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110511311172}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110511421146}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220522312272}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220522422246}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0053172.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0053172.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0053172.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0053172.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0054246.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0054246.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0054246.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0054246.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110511311172}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110511421146}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220522312272}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220522422246}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511311172}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0124B064795BB484FA494FC7CF204C0C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F8E7504D2D2644AB1185234D2AD5AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04CDEDFDD6EF25443B78A49D1FE5B4F2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\058911EBC07BAAE42B102E3F4B0D070D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05CE306CC244D284D8D8090E404CD7D3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\089527E77AD22E345B0066D226E44F46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BD0B15D6F0C2BF428B339B2D2D732C9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C1AAA506D92B2D44BD6FEF6CDFB71E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CAEC9AFF1716FF4DBACEED82F88C702] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DD4444CBC682774C8E573CC73C5BC46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F68250201451D64EA71E91BA19832DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\126FFC99A0F214F41AE2D6C7A0FC09BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F72EF2521177A4BB467FF35A881382] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14873772FE3926F4195C9280D52D3486] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14CF11D787D40BF458A3B5CB123733CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\163A5460E4FB18343B4C0B781B27E813] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1705977FCB2F22F4D8A9AB847C3FB9CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19F133B6A0BA9B14493CE47703DF4CF3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C735C7A54F53574CA5AEA93D0D1F01E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1CE2260B068265A488410CA171D93778] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DF1DD2609A2135479C19D72E41B64AA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F72D9058D0863E4F8EB9FE6E980C385] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2217D47FAFB0AC547820199B3A026CFB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C5FD2815F5C7C4DB5F34F504BF9D96] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26CF57FC035624845B9005289DFA1448] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2719056FB4CDD294887140382819FFF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2956CB28F45AAF746998774B3C9FF012] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AD5E582EBA9ED54989A134D9250922B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BB672F8D2CA64146B6688371E75C986] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA450B923F9C4D4BBEB203648FBFFDC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ECA942EFDBD22B4EBB7FE3AB9EDDBDD] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F055C41FDCA50A43BE42A96D243AD47] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F4EE319A22490145BC4AEBC53B616CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31E430E345D85D54CA33BC88AEFDB9D8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\358096DA35E67B5479C2E880DF0C10C1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37345F678B330594E9E4AC16908F78CF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38641BF101151094F86DD62B534BDEC4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38762340C83E6764B87807B67154F5A4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3984BAF27BDA0DC4D8AED19FCB64BD7D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D82200490995CE42AB754DCD90AC44D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E9F0E4315A35D741873885200C6A454] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F261C3E5AD56E54598E24B106813C7E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40D753328E77EE842A82631EED62CEC5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40FDEFB25883CF140B9B5F89CB7E2871] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\412179CD2126BB34CAE51691856A3D68] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43218F63264345445A73071C174FEEE8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\439E8A02B7736CA488EECE28D7EE961A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\456D8CED0106E1649AE5CBD8082AC705] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\459277E8A0EE8894F9D7F807DF90506A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\463372A470C576443AE8802B1AC61D89] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48F13E425ECD5F243A8A82AA2B65336D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B6F3AD0EE690D2478C7D0528AADF8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BB9D431259E08A499469636383B9935] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D3B0714BC82B2340AB18C031262573D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D5809867D6C1D14180511D3AAD03F79] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DB13DED48DC4494C90DE800D31B086C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\52C608FC2A61CCE479768A9719CABF7B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56861F0CE995D0E45835F5D31E105D54] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58E44D082625757499995F9516313A9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A52F724764B00747A637F14FBBBB830] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B19839CB98BB914BA43E863BBE11B4E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\613DCE6E373581A40B6C88D4F7C09096] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6292C097F9759424BAFA3E32CD3DD562] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62C171206461ED34885A4AE095F4A7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\63E9F48D88AA940498502E29E3747471] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64747EAAAE2BA5141AEBCF4F6651A144] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6494B0B34076D6248B6E5F42E3252AD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6495111F730311440BBC3AAAF3B8C7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65273BD75ADFA9146A0950469941299A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6543EA2E8E729CF4789BCD7361D58C03] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\658DABBCADB609E429A6769C46FAADD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67A614CC45D7C5845BE2184211CC8F9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B6581D2CF6BB444D8ACBF79E3AF425B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0DB201BFD71284CB8CA279446863E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EA4E994723ECC940AE01A2507673199] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F2331E07AF9B414DB15E2E7BAB7F880] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F3E6739E6CECC64D9B7E5D24CF60746] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73268B3F6C2206C4BAF14E3C5B4BC494] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73D229597C7281E409FDEB3079E30E5A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75A49DF39158638428A0F7797D4CD1E6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D223AE12684124794DD7D3FB067886] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76937F723CDCAB547A9791D60867A5B5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78AD011E92C0B7D4A86E41451EC7A0F0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79080E81959ECB54E9E7B3C67AE5781A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8B37070412F4D47895AA40EFC2E39A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F84DAA817EC0AB409DFE802184D5B09] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82F14F44AA63A5945A2E960EF018794E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\831071FAC16E2DA4682F55E0B0DE6979] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83D0F8F1641145A42B26F71D534E9A34] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\84072C174C7F25148BFB33ADE8C704E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\872C7B3D2887D4E4EBF645D7AB9374D1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C00987A23C36B145AB60EE274936EB3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D736B12592E2E94094267BC5B7AA7EB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F3E0221A8351144BB04AEF5266143CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90E77522D1656DA4DABC673942243B44] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\920219BD6C542544893D7ECFCB5E2B6B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\939840D09446FFF459FA6CB4F03C38BE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9459BDD3A7C686345A9B7A1AD1CC6BE4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95AC1A94BAFFE3D41B23B2097BA8B190] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\983EBB458AA802846BBC74D26C3209C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BlockNSurf =>PUP.BlockAndSurf^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb} =>Trojan.FakeAlert
C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris^
C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect^
C:\Program Files (x86)\BlockAndSurf Corp =>PUP.BlockAndSurf^
C:\Program Files (x86)\Boxore =>Adware.Boxore^
C:\Program Files (x86)\HQVid1.9v4 =>PUP.CrossRider^
C:\Program Files (x86)\Mysearchdial =>Adware.MyWebSearch^
C:\Program Files (x86)\Optimizer Elite Max =>PUP.OptimizerEliteMax^
C:\ProgramData\Activeris =>PUP.Activeris^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\Trymedia =>Adware.Trymedia^
C:\Users\Elisa\AppData\Roaming\Activeris =>PUP.Activeris^
C:\Users\Elisa\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
C:\Users\Elisa\AppData\Roaming\Optimizer Elite Max =>PUP.OptimizerEliteMax^
C:\Users\Elisa\AppData\Roaming\VOPackage =>Adware.Downware^
C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect^
C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware^
C:\Program Files (x86)\SearchProtect =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\Elisa\AppData\Local\SearchProtect =>Toolbar.Conduit
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe =>Toolbar.Conduit^
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe =>Toolbar.Conduit^
C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf_wd.exe =>PUP.BlockAndSurf^
C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe =>PUP.BlockAndSurf^
C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\program files (x86)\hqvid1.9v4\hqvid1.9v4-bg.exe =>PUP.CrossRider^
C:\program files (x86)\mediaplayerplus\mediaplayerplus-bg.exe =>PUP.CrossRider^
C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
C:\Windows\Tasks\BlockAndSurf Update.job =>PUP.BlockAndSurf^
C:\Windows\Tasks\BlockAndSurf_wd.job =>PUP.BlockAndSurf^
C:\Windows\Tasks\MySearchDial.job =>Adware.MyWebSearch^
C:\Windows\Tasks\PCHelpers1st.job =>PUP.OptimizerEliteMax^
C:\Windows\Tasks\PCHelpers_period.job =>PUP.OptimizerEliteMax^
C:\Program Files (x86)\HQVid1.9v4\HQVid1.9v4-codedownloader.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-2.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-4.exe =>PUP.CrossRider^
C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe =>PUP.CrossRider^
C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.exe =>PUP.CrossRider^
C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.exe =>PUP.CrossRider^
C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.AnyProtect^
C:\Program Files (x86)\BlockAndSurf Corp\BnSup.exe =>PUP.BlockAndSurf^
C:\Users\Elisa\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.exe =>Adware.MyWebSearch^
C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe =>PUP.OptimizerEliteMax^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
[HKCU\Software\Activeris] =>PUP.Activeris^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax^
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday^
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris^
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday^
[HKCR\CLSID\{11111111-1111-1111-1111-110511311172}] (HQVid1.9v4) =>PUP.CrossRider^
[HKCR\CLSID\{11111111-1111-1111-1111-110511421146}] (MediaPlayerplus) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220522312272}] (CrossriderApp0053172.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220522422246}] (CrossriderApp0054246.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
C:\Users\Elisa\AppData\Local\Temp\BoxoreInstaller.exe =>Adware.Boxore
C:\Users\Elisa\AppData\Local\Temp\GoogleToolbarInstaller1.log =>PUP.Babylon
C:\Users\Elisa\AppData\Local\Temp\GoogleToolbarInstaller2.log =>PUP.Babylon
C:\Users\Elisa\AppData\Local\Temp\nse961F.exe =>Toolbar.Conduit
C:\Users\Elisa\AppData\Local\Temp\nsy174E.exe =>Toolbar.Conduit
C:\Users\Elisa\AppData\Local\Temp\SPSetup.exe =>Toolbar.Conduit
C:\Users\Elisa\AppData\Local\Temp\uttBDA9.tmp.exe =>Toolbar.Conduit
~ Additionnel Scan: 235036 Items scanned in 01mn 26s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.webs.com/apps/blog/show/41962428-hijacker-webssearches =>Hijacker.WebsSearches
http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.webs.com/apps/blog/show/41903075-pup-activeris =>PUP.Activeris
http://nicolascoolman.webs.com/apps/blog/show/41695344-pup-optimizerelitemax =>PUP.OptimizerEliteMax
http://nicolascoolman.webs.com/apps/blog/show/41695065-pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.webs.com/apps/blog/show/33388048-pup-vuupc =>PUP.VuuPC
http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro =>PUP.OptimizerPro
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/26690384-adware-downware =>Adware.Downware
http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>AgenceExclusive
http://nicolascoolman.webs.com/apps/blog/show/33340107-adware-freesofttoday =>Adware.FreeSoftToday
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9
http://nicolascoolman.webs.com/apps/blog/show/34153565-pup-buenosearch =>PUP.BuenoSearch
http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox =>Adware.BrowseFox
http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ MSI: 24 link(s) detected in 00mn 00s
~ 1334 Legitimates filtered by white list
End of the scan (1036 lines in 12mn 36s)(0)
~ Lancé par Elisa (15/04/2014 20:07:34)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16863 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : P7GBG
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.3.350
Pack Sécurité v1.77.243.0
Pack Sécurité v1.77.243.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Reader XI
Java 7 Update 51
---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3683 MB (28% free)
System Restore: Activé (Enable)
System drive C: has 486 GB (83%) free of 584 GB
---\\ Mode de connexion au système
~ Computer Name: TUC-TUC
~ User Name: Elisa
~ All Users Names: HomeGroupUser$, Elisa, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Elisa\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Elisa\AppData\Roaming\
~ %Desktop% : C:\Users\Elisa\Desktop\
~ %Favorites% : C:\Users\Elisa\Favorites\
~ %LocalAppData% : C:\Users\Elisa\AppData\Local\
~ %StartMenu% : C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 486 Go of 584 Go)
D: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.2B7920C7885AC45FD0E27DD860F095A1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/03/2014 - 01:08:30.) -- C:\Windows\System32\wininet.dll [2240000]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/694
~ Mes musiques (My Musics) : 1/305
~ Mes Favoris (My Favorites) : 1/73
~ Mes Documents (My Documents) : 2/286
~ Mon Bureau (My Desktop) : 2/557
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 06s
---\\ Processus lancés
[MD5.DEABB07BC9B0009D826D2CA04C43F90F] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe [4693792] [PID.117412] =>Toolbar.Conduit
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.115616]
[MD5.EFAAE131121B7AD73CBA0FECC0B5A277] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe [3037472] [PID.118268] =>Toolbar.Conduit
[MD5.7EB93B3B36AC201D0802970E21E3C016] - (...) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf_wd.exe [77312] [PID.117692] =>PUP.BlockAndSurf
[MD5.16DCC8ACC504A6662BB04A0ED9454A4D] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe [959808] [PID.118204]
[MD5.E8193C022C3D0C164FDD830ACC7745BE] - (.Revizer - BlockNSurf Tray Link.) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe [104448] [PID.118144] =>PUP.BlockAndSurf
[MD5.241B07FF7F5943B9C1BF3235F49AC1E1] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744] [PID.118936]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.117796]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.117800]
[MD5.A0F2C92F410EBAE832DFE507C7E4D6FA] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe [188400] [PID.1984]
[MD5.9D8EE64F05FFCE71F410671F6FF0464F] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe [1142864] [PID.106048] =>P2P.BitTorrent
[MD5.534A3CB0847BA114F0D8A5F2BB2EF6D0] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [887432] [PID.44816]
[MD5.E4F6125ED5185F8FA37CC4F449B85526] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770608] [PID.120196]
[MD5.80B41038B3401916CDB91B5C30955571] - (.High-QualityV7 - HQVid1.9v4 exe.) -- C:\program files (x86)\hqvid1.9v4\hqvid1.9v4-bg.exe [523624] [PID.55880] =>PUP.CrossRider
[MD5.9625BE15F953113E5DF59BAC59859878] - (.Freeven - MediaPlayerplus exe.) -- C:\program files (x86)\mediaplayerplus\mediaplayerplus-bg.exe [519168] [PID.74784] =>PUP.CrossRider
[MD5.33D99B9EE34DED2A819AC99CC3E5C8A5] - (...) -- C:\ProgramData\HP Photo Creations\Communicator.exe [185920] [PID.57168]
[MD5.775DDB699B40C42E1BD799CC0EBF3528] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8215552] [PID.13300]
~ Processes Running: Scanned in 00mn 07s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js (.not file.)
C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\user.js
~ Firefox Browser: 0 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
~ IE Browser: 17 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0053172 [64Bits] - {11111111-1111-1111-1111-110511311172} . (.High-QualityV7 - HQVid1.9v4 BHO.) -- C:\Program Files (x86)\HQVid1.9v4\HQVid1.9v4-bho.dll =>PUP.CrossRider
O2 - BHO: CrossriderApp0054246 [64Bits] - {11111111-1111-1111-1111-110511421146} . (.Freeven - MediaPlayerplus BHO.) -- C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll =>PUP.CrossRider
O2 - BHO: iGraal BHO [64Bits] - {240373D3-4199-4F41-BB4D-15D5B830C82D} . (.iGraal - iGraal BHO.) -- C:\Program Files (x86)\iGraal\iGraalBHO.dll
O2 - BHO: mysearchdial Helper Object [64Bits] - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} . (.MySearchDial - Pas de description.) -- C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll =>Adware.MyWebSearch
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
~ BHO: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: iGraal Toolbar - [HKLM]{A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} . (...) -- C:\Program Files\iGraal\iGraalToolbar.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Activeris AntiMalware.lnk . (.Activeris - Activeris AntiMalware.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris
O4 - GS\Desktop [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Jeux.lnk . (...) -- C:\Program Files (x86)\bfgclient\bfgclient.exe
O4 - GS\Desktop [Public]: Jouer à Imperial Island - La Naissance d un Empire.lnk . (...) -- C:\Program Files (x86)\Imperial Island - La Naissance d un Empire\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Midnight Mysteries - Les Sorcieres d Abraham Edition Collector.lnk . (...) -- C:\Program Files (x86)\Midnight Mysteries - Les Sorcieres d Abraham Edition Collector\LaunchGame.bfg
O4 - GS\Desktop [Public]: Jouer à Nearwood.lnk . (...) -- C:\Program Files (x86)\Nearwood\LaunchGame.bfg
O4 - GS\Desktop [Public]: Optimizer Elite Max.lnk . (.Viracure Limited - Optimizer Elite Max.) -- C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe =>PUP.OptimizerEliteMax
O4 - GS\Program [Public]: 123 Free Solitaire for Children.lnk . (...) -- C:\Program Files (x86)\123 Free Solitaire for Children\123FreeSolitaireForChildren.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Program [Public]: Free Spider Solitaire.lnk . (...) -- C:\Program Files (x86)\Free Spider Solitaire\FreeSpider.exe
O4 - GS\QuickLaunch [Elisa]: Bandizip.lnk . (.Bandisoft.com - Bandizip.) -- C:\Users\Elisa\AppData\Local\Bandizip\Bandizip64.exe
O4 - GS\QuickLaunch [Elisa]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\QuickLaunch [Elisa]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Elisa]: 123 Free Solitaire for Children.lnk . (...) -- C:\Program Files (x86)\123 Free Solitaire for Children\123FreeSolitaireForChildren.exe
O4 - GS\TaskBar [Elisa]: 3DBelote.lnk . (...) -- C:\Users\Elisa\Desktop\3DBELOTE\3DBelote.exe
O4 - GS\TaskBar [Elisa]: Bandizip64.exe.lnk . (.Bandisoft.com - Bandizip.) -- C:\Users\Elisa\AppData\Local\Bandizip\Bandizip64.exe
O4 - GS\TaskBar [Elisa]: Bel Atout.lnk . (...) -- C:\Program Files (x86)\Jeux de cartes\Bel Atout\belatout.exe
O4 - GS\TaskBar [Elisa]: Bo-Jong.lnk . (...) -- C:\Users\Elisa\Documents\Bo-Jong\Bo-Jong.exe
O4 - GS\TaskBar [Elisa]: Free Spider Solitaire.lnk . (...) -- C:\Program Files (x86)\Free Spider Solitaire\FreeSpider.exe
O4 - GS\TaskBar [Elisa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\TaskBar [Elisa]: Romi.lnk . (.Gérard Brochu - Romi.) -- C:\Users\Elisa\Documents\romi_romi_7.5_francais_10942\Romi.exe
O4 - GS\TaskBar [Elisa]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [Elisa]: Bookworm Deluxe.lnk . (...) -- C:\Users\Elisa\Desktop\Bookworm Deluxe[PC]\Bookworm Deluxe\Bookworm Deluxe.exe.exe
O4 - GS\Program [Elisa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\Desktop [Elisa]: 2014-02-18 tutelle papa - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutelle papa
O4 - GS\Desktop [Elisa]: 2014-02-18 tutellepapa2 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutellepapa2
O4 - GS\Desktop [Elisa]: AnyProtect.lnk . (.AnyProtect by CMI - AnyProtect.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.AnyProtect
O4 - GS\Desktop [Elisa]: Bandizip.lnk . (.Bandisoft.com - Bandizip.) -- C:\Users\Elisa\AppData\Local\Bandizip\Bandizip64.exe
O4 - GS\Desktop [Elisa]: Continuar la Instalacion de uTorrent.lnk . (...) -- C:\Users\Elisa\AppData\Local\Temp\ICReinstall_utorrent-3-3-2-build-30303-es-en-br-fr-de-it-cn-jp-ar-ru-win-setup.exe (.not file.) =>P2P.µTorrent
O4 - GS\Desktop [Elisa]: Continue VuuPC Installation.lnk . (...) -- C:\Users\Elisa\AppData\Local\Temp\ICReinstall_nsgC025.tmp \RR (.not file.) =>PUP.VuuPC
O4 - GS\Desktop [Elisa]: erdf papa 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-01-02 erdf papa\erdf papa 001.jpg
O4 - GS\Desktop [Elisa]: Farmington Tales.lnk . (...) -- C:\Zylom Games\Farmington Tales\Farmington Tales.exe
O4 - GS\Desktop [Elisa]: Favoris - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: Garou - Garou - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: Garou - Reviens - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: image (1) - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\image (1).jpeg
O4 - GS\Desktop [Elisa]: image (2) - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\image (2).jpeg
O4 - GS\Desktop [Elisa]: image (3) - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\image (3).jpeg
O4 - GS\Desktop [Elisa]: Images - Raccourci.lnk . (...) -- C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [Elisa]: IMG0002A - Raccourci.lnk . (...) -- E:\Images\IMG0002A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0003A - Raccourci.lnk . (...) -- E:\Images\IMG0003A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0004A - Raccourci.lnk . (...) -- E:\Images\IMG0004A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0005A - Raccourci.lnk . (...) -- E:\Images\IMG0005A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0006A - Raccourci.lnk . (...) -- E:\Images\IMG0006A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0007A - Raccourci.lnk . (...) -- E:\Images\IMG0007A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0008A - Raccourci.lnk . (...) -- E:\Images\IMG0008A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: IMG0009A - Raccourci.lnk . (...) -- E:\Images\IMG0009A.jpg (.not file.)
O4 - GS\Desktop [Elisa]: les 100 plus belles chansons de noel - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: Lionel Richie - Can't Slow Down - 08 - Hello - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\Lionel Richie.Discographie Complete.21 Albums.(1982-2012).Mp3.320Kbps.Freek911\1983 - Lionel Richie - Can't Slow Down (1983)\Lionel Richie - Can't Slow Down - 08 - Hello.mp3
O4 - GS\Desktop [Elisa]: Lionel Richie - Dancing on the Ceiling - 08 - Say You, Say Me - Raccourci.lnk . (...) -- C:\Users\Elisa\Downloads\Lionel Richie.Discographie Complete.21 Albums.(1982-2012).Mp3.320Kbps.Freek911\1986 - Lionel Richie - Dancing On The Ceiling (1986)\Lionel Richie - Dancing on the Ceiling - 08 - Say You, Say Me.mp3
O4 - GS\Desktop [Elisa]: notaire 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-14 notaire\notaire 001.jpg
O4 - GS\Desktop [Elisa]: Optimizer Pro.lnk - Clé orpheline =>PUP.OptimizerPro
O4 - GS\Desktop [Elisa]: photo - Raccourci (2).lnk . (...) -- C:\Users\Elisa\Desktop\photo.htm
O4 - GS\Desktop [Elisa]: photo - Raccourci.lnk . (...) -- C:\Users\Elisa\Desktop\photo.htm
O4 - GS\Desktop [Elisa]: photo2 - Raccourci (2).lnk . (...) -- C:\Users\Elisa\Desktop\photo2.htm
O4 - GS\Desktop [Elisa]: photo2 - Raccourci.lnk . (...) -- C:\Users\Elisa\Desktop\photo2.htm
O4 - GS\Desktop [Elisa]: Super TextTwist.lnk . (.GameHouse - Text Twist.) -- C:\Zylom Games\Super TextTwist\TextTwist.exe
O4 - GS\Desktop [Elisa]: Tino Rossi - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: tutelle 3 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutelle 3\tutelle 3 001.jpg
O4 - GS\Desktop [Elisa]: tutelle1 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutelle1\tutelle1 001.jpg
O4 - GS\Desktop [Elisa]: tutelle2 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutelle2\tutelle2 001.jpg
O4 - GS\Desktop [Elisa]: tutellepapa 1 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutellepapa 1\tutellepapa 1 001.jpg
O4 - GS\Desktop [Elisa]: tutellepapa2 001 - Raccourci (2).lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutellepapa2\tutellepapa2 001.jpg
O4 - GS\Desktop [Elisa]: tutellepapa2 001 - Raccourci.lnk . (...) -- C:\Users\Elisa\Pictures\2014-02-18 tutellepapa2\tutellepapa2 001.jpg
O4 - GS\Desktop [Elisa]: VA - les plus belles chansons de noel - Raccourci (2).lnk - Clé orpheline
O4 - GS\Desktop [Elisa]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Elisa]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 109 Legitimates Filtered in 00mn 21s
---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [Elisa]: Alertes de surveillance de l'encre - HP Deskjet 1050 J410 series (Copie 1).lnk . (.Hewlett-Packard Co. - Print Driver Status Business Logic.) -- C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SRS Premium Sound HD] . (.SRS Labs, Inc. - SRS Control Panel.) -- C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O4 - HKLM\..\Run: [TecoResident] . (.TOSHIBA Corporation - Resident module of eco Utility.) -- C:\Program Files\TOSHIBA\Teco\TecoResident.exe
O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O4 - HKLM\..\Run: [TODDMain] . (.Pas de propriétaire - TOSHIBA System Settings Service.) -- C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [BlockNSurf] . (.Revizer - BlockNSurf Tray Link.) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe =>PUP.BlockAndSurf
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(R) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [TPUReg] . (.Pegatron Corporation - TOSHIBA Password Utility.) -- C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Wow6432Node\Run: [F-Secure Manager] C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe (.not file.)
O4 - HKLM\..\Wow6432Node\RunOnce: [RAInstaller C:\Users\Elisa\zylom\Nightmares from the Deep - The Cursed Heart Premium Edition] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2205263597-2392721365-670168616-1001\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-2205263597-2392721365-670168616-1001\..\Run: [BlockNSurf] . (.Revizer - BlockNSurf Tray Link.) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe =>PUP.BlockAndSurf
~ Application: Scanned in 00mn 01s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: iGraal [64Bits] - {0FB6492F-7FED-4446-9863-992806E1C419} . (...) -- C:\Program Files\iGraal\iGraalButton.dll
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E29427F-1120-4AC5-B6CF-D51256789249}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A50C25A4-B12F-4DC5-A63F-CAC9EDD3FE09}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{7E29427F-1120-4AC5-B6CF-D51256789249}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A50C25A4-B12F-4DC5-A63F-CAC9EDD3FE09}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll =>Toolbar.Conduit
~ AppInit DLL: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: BlockAndSurf (BlockAndSurf) . (...) - C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.exe =>PUP.BlockAndSurf
O23 - Service: Search Protect by Conduit Service (CltMngSvc) . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit
O23 - Service: Service Software Update (Software_update) (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: Service Component of VO (vosr) . (...) - C:\Users\Elisa\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
~ Services: 19 Legitimates Filtered in 00mn 36s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-1.job [1354]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-2.job [1356]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-3.job [2788]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-4.job [2380]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\22ce1643-98ba-4b64-a980-c2aab93c58af-5.job [1348]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1.job [1446]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.job [1430]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.job [3136]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.job [2184]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-5.job [1422]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\APSnotifierPP1.job [380] =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\APSnotifierPP2.job [378] =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\BlockAndSurf Update.job [420] =>PUP.BlockAndSurf
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\BlockAndSurf_wd.job [424] =>PUP.BlockAndSurf
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\MySearchDial.job [308] =>Adware.MyWebSearch
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCHelpers1st.job [316] =>PUP.OptimizerEliteMax
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCHelpers_period.job [316] =>PUP.OptimizerEliteMax
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [928]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [932]
[MD5.3ACB33C87B2B2E2430E2A41C0DF469E7] [APT] [22ce1643-98ba-4b64-a980-c2aab93c58af-1] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\HQVid1.9v4-codedownloader.exe [482152] =>PUP.CrossRider
[MD5.8D8CAB5AF4A8A1B36BACD7820B9B84F0] [APT] [22ce1643-98ba-4b64-a980-c2aab93c58af-2] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-2.exe [338280] =>PUP.CrossRider
[MD5.E8428A11ADA2BDF4F4673840F7A1BA23] [APT] [22ce1643-98ba-4b64-a980-c2aab93c58af-3] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-3.exe [1865576] =>PUP.CrossRider
[MD5.F39C5FA99EF4A47E604A243E279824C4] [APT] [22ce1643-98ba-4b64-a980-c2aab93c58af-4] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-4.exe [801128] =>PUP.CrossRider
[MD5.7AE80F34C915088B02B217CBF0628DC2] [APT] [84fec6d9-2ff8-4df1-af03-941a44d5d8f4-1] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [477696] =>PUP.CrossRider
[MD5.118177E5B291636A0BECF5419332CD17] [APT] [84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.exe [333824] =>PUP.CrossRider
[MD5.66AA123CBF19E49E848BEA06AFC3FB0F] [APT] [84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.exe [1861120] =>PUP.CrossRider
[MD5.4184A2D4B32AAD4BE8A6A928241F46CD] [APT] [84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.exe [796672] =>PUP.CrossRider
[MD5.33BC945C2FF6C2EA9E6B11E2733F5915] [APT] [APSnotifierPP1] (.AnyProtect by CMI.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [21697536] =>PUP.AnyProtect
[MD5.C16AEA09E281B2F36D9CD244EA09385F] [APT] [BlockAndSurf Update] (...) -- C:\Program Files (x86)\BlockAndSurf Corp\BnSup.exe [385024] =>PUP.BlockAndSurf
[MD5.7EB93B3B36AC201D0802970E21E3C016] [APT] [BlockAndSurf_wd] (...) -- C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf_wd.exe [77312] =>PUP.BlockAndSurf
[MD5.6611F0E57AA3223FA798BE3F6D1DF458] [APT] [MySearchDial] (...) -- C:\Users\Elisa\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.exe [104960] =>Adware.MyWebSearch
[MD5.1266DD45E1F59C82AADDF81418E471D3] [APT] [PCHelpers1st] (.Viracure Limited.) -- C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe [4135272] =>PUP.OptimizerEliteMax
[MD5.1266DD45E1F59C82AADDF81418E471D3] [APT] [PCHelpers_period] (.Viracure Limited.) -- C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe [4135272] =>PUP.OptimizerEliteMax
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.8D8CAB5AF4A8A1B36BACD7820B9B84F0] [APT] [temp_22ce1643-98ba-4b64-a980-c2aab93c58af-2] (.High-QualityV7.) -- C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-2.exe [338280] =>PUP.CrossRider
[MD5.118177E5B291636A0BECF5419332CD17] [APT] [temp_84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.exe [333824] =>PUP.CrossRider
[MD5.8AE13B97BFCAD6C7D3B8C8A1C298EFB4] [APT] [{EC22262C-BE22-4C13-BDD3-1053C49C80B9}] (...) -- C:\Program Files (x86)\ZHPDiag\unins000.exe [694736]
~ Scheduled Task: 61 Legitimates Filtered in 00mn 40s
---\\ Logiciels installés (O42)
O42 - Logiciel: Activeris AntiMalware - (.Activeris.) [HKLM][64Bits] -- 94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1 =>PUP.Activeris
O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect =>PUP.AnyProtect
O42 - Logiciel: Art Mahjongg Egypt - (...) [HKLM][64Bits] -- BFG-Art Mahjongg Egypt
O42 - Logiciel: BlockAndSurf - (.BlockAndSurf software.) [HKLM][64Bits] -- f2d51b4c-2921-4a51-a0e0-efc3cbf492b8 =>PUP.BlockAndSurf
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {0E365FDA-909F-4939-838A-261DD468D862} =>Adware.Boxore
O42 - Logiciel: HQVid1.9v4 - (.High-QualityV7.) [HKLM][64Bits] -- HQVid1.9v4 =>PUP.CrossRider
O42 - Logiciel: Imperial Island: La Naissance d'un Empire - (...) [HKLM][64Bits] -- BFG-Imperial Island - La Naissance d un Empire
O42 - Logiciel: Mysearchdial - (.Mysearchdial.) [HKLM][64Bits] -- mysearchdial =>Adware.MyWebSearch
O42 - Logiciel: Optimizer Elite Max - (.Viracure Limited.) [HKLM][64Bits] -- Optimizer Elite Max_is1 =>PUP.OptimizerEliteMax
O42 - Logiciel: Search Protect - (.Conduit.) [HKLM][64Bits] -- SearchProtect =>Toolbar.Conduit
O42 - Logiciel: VO Package - (...) [HKLM][64Bits] -- VOPackage =>Adware.Downware
O42 - Logiciel: webssearches uninstaller - (.webssearches.) [HKLM][64Bits] -- webssearches uninstaller
~ Logic: 71 Legitimates Filtered in 00mn 04s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Activeris] =>PUP.Activeris
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\Delta]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\TPUKey]
[HKCU\Software\TutoTag] =>AgenceExclusive
[HKCU\Software\Tutorials] =>AgenceExclusive
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris
[HKLM\Software\Wow6432Node\Delta]
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\Tutorials] =>AgenceExclusive
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday
[HKLM\Software\Wow6432Node\iGraal]
[HKLM\Software\iGraal]
~ Key Software: 371 Legitimates Filtered in 00mn 04s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/04/2014 - 13:04:57 - [17,594] ----D C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris
O43 - CFD: 14/04/2014 - 03:30:48 - [20,759] ----D C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 12/01/2014 - 22:00:39 - [131,842] ----D C:\Program Files (x86)\Art Mahjongg Egypt
O43 - CFD: 14/04/2014 - 03:30:05 - [1,605] ----D C:\Program Files (x86)\BlockAndSurf Corp =>PUP.BlockAndSurf
O43 - CFD: 11/04/2014 - 15:20:48 - [0] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
O43 - CFD: 02/10/2013 - 13:28:18 - [0] ----D C:\Program Files (x86)\Delta
O43 - CFD: 10/04/2014 - 13:07:31 - [7,917] ----D C:\Program Files (x86)\HQVid1.9v4 =>PUP.CrossRider
O43 - CFD: 18/01/2014 - 19:36:22 - [4,831] ----D C:\Program Files (x86)\iGraal
O43 - CFD: 18/01/2014 - 22:08:08 - [296,081] ----D C:\Program Files (x86)\Imperial Island - La Naissance d un Empire
O43 - CFD: 14/04/2014 - 03:29:54 - [3,010] ----D C:\Program Files (x86)\Mysearchdial =>Adware.MyWebSearch
O43 - CFD: 10/04/2014 - 13:04:27 - [5,633] ----D C:\Program Files (x86)\Optimizer Elite Max =>PUP.OptimizerEliteMax
O43 - CFD: 10/04/2014 - 13:04:56 - [0,036] ----D C:\ProgramData\Activeris =>PUP.Activeris
O43 - CFD: 11/04/2014 - 07:15:46 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 03/11/2013 - 17:37:44 - [0,001] ----D C:\ProgramData\Once Upon a Time in Chicago
O43 - CFD: 14/01/2014 - 21:58:28 - [1,183] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 10/04/2014 - 13:05:58 - [0,012] ----D C:\Users\Elisa\AppData\Roaming\Activeris =>PUP.Activeris
O43 - CFD: 26/10/2013 - 21:17:45 - [0,058] ----D C:\Users\Elisa\AppData\Roaming\CaribbeanJewel
O43 - CFD: 18/01/2014 - 21:59:23 - [0,001] ----D C:\Users\Elisa\AppData\Roaming\HotLava
O43 - CFD: 05/09/2013 - 20:42:04 - [0,002] ----D C:\Users\Elisa\AppData\Roaming\island_tribe_4_bfg_fr
O43 - CFD: 06/12/2013 - 22:16:12 - [0,001] ----D C:\Users\Elisa\AppData\Roaming\Laruaville
O43 - CFD: 02/01/2014 - 21:59:52 - [0,642] ----D C:\Users\Elisa\AppData\Roaming\Mind Elevator Games
O43 - CFD: 14/04/2014 - 03:29:57 - [0,100] ----D C:\Users\Elisa\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 03/11/2013 - 17:38:59 - [0,002] ----D C:\Users\Elisa\AppData\Roaming\Once upon a time in Chicago
O43 - CFD: 11/04/2014 - 11:00:04 - [0] ----D C:\Users\Elisa\AppData\Roaming\Optimizer Elite Max =>PUP.OptimizerEliteMax
O43 - CFD: 12/11/2013 - 21:51:57 - [0,027] ----D C:\Users\Elisa\AppData\Roaming\Saved Games
O43 - CFD: 10/04/2014 - 13:05:42 - [0,781] ----D C:\Users\Elisa\AppData\Roaming\VOPackage =>Adware.Downware
O43 - CFD: 10/04/2014 - 13:05:27 - [0,643] ----D C:\Users\Elisa\AppData\Roaming\webssearches
O43 - CFD: 14/04/2014 - 03:30:49 - [0,002] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect
O43 - CFD: 12/01/2014 - 21:59:40 - [0,003] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Art Mahjongg Egypt
O43 - CFD: 18/01/2014 - 19:36:23 - [0,001] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iGraal
O43 - CFD: 18/01/2014 - 22:06:52 - [0,004] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperial Island - La Naissance d un Empire
O43 - CFD: 10/04/2014 - 13:05:42 - [0,002] ----D C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware
~ Program Folder: 244 Legitimates Filtered in 01mn 15s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.110BEF03ACD02079B62CD8B99DD8604B] - 10/04/2014 - 12:04:50 ---A- . (...) -- C:\Windows\System32\acrisnative64.exe [20480]
O44 - LFC:[MD5.110BE5198A63D3FF3CE9C30F1DC12EC3] - 11/04/2014 - 21:06:24 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386722]
~ Files: 43 Legitimates Filtered in 01mn 49s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.235F99E407F8A6679861E7405C8FF8BB] - 10/04/2014 - 12:04:21 ---A- - C:\Windows\Prefetch\FREESOFTTODAY.TMP-187E5FBB.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.59DF8C72024E2D1BA0CDECCB1BEA91A6] - 10/04/2014 - 12:04:27 ---A- - C:\Windows\Prefetch\OPTIMIZER_PRO.TMP-C91C1B51.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.421CB66DAADA04D190B6E4500405E8FF] - 10/04/2014 - 12:05:02 ---A- - C:\Windows\Prefetch\AMSETUP_ACTIVERIS_DEFAULT_010-F49BCD0E.pf =>PUP.Activeris
O45 - LFCP:[MD5.E2BA0F6032595691D457EDD89C8C124C] - 10/04/2014 - 12:05:02 ---A- - C:\Windows\Prefetch\ICAJSLHPSZG.EXE-9F1270B5.pf
O45 - LFCP:[MD5.1AD5EE2121D843F9387BD007B66E3943] - 10/04/2014 - 12:05:02 ---A- - C:\Windows\Prefetch\VFFVX.EXE-4151B401.pf
O45 - LFCP:[MD5.40865C4170741102385527AB0C52D41B] - 10/04/2014 - 12:06:50 ---A- - C:\Windows\Prefetch\NSG3D5.TMP.EXE-A5974BD0.pf
O45 - LFCP:[MD5.32C54C56D6BAB15C646922AD310E4B89] - 10/04/2014 - 12:06:50 ---A- - C:\Windows\Prefetch\NSQC6D5.TMP-7EA83610.pf
O45 - LFCP:[MD5.990B274205343AB139B2A66E859DC3FE] - 10/04/2014 - 12:27:12 ---A- - C:\Windows\Prefetch\ANYPROTECT.EXE-53752276.pf =>PUP.AnyProtect
O45 - LFCP:[MD5.C828180C10AB5ED28267BC77436ABD41] - 10/04/2014 - 12:45:52 ---A- - C:\Windows\Prefetch\NSMC6BB.TMP-5178A8C3.pf
O45 - LFCP:[MD5.FB5435CA487A44AAD13FB02D9F45D4F0] - 11/04/2014 - 06:14:58 ---A- - C:\Windows\Prefetch\MAJFSTFR.TMP-09F213F8.pf
O45 - LFCP:[MD5.15760F424C0936636AC63BE3F62FD8BB] - 11/04/2014 - 06:15:44 ---A- - C:\Windows\Prefetch\PACKAGE_BUENO_OFFER_MULTILANG-84894552.pf
O45 - LFCP:[MD5.8EA958F977DB614E78F9B025DDE91AD2] - 11/04/2014 - 06:15:52 ---A- - C:\Windows\Prefetch\PACKAGE_BUENO_INSTALLER_MULTI-C79AB722.pf
O45 - LFCP:[MD5.20221856C273840823664CAFE6610FF2] - 11/04/2014 - 06:16:07 ---A- - C:\Windows\Prefetch\MYBUENOTB.EXE-9B17B13B.pf
O45 - LFCP:[MD5.EA87DD09585CBE1F74ED2F6062A1C540] - 11/04/2014 - 10:33:44 ---A- - C:\Windows\Prefetch\FST_FR_134.EXE-0EA41039.pf =>PUA.FSTfr9
O45 - LFCP:[MD5.A72BBCDA1759AD0226AD3F50A7678137] - 11/04/2014 - 12:39:09 ---A- - C:\Windows\Prefetch\UPFST_FR_134.EXE-2444B142.pf =>PUA.FSTfr9
O45 - LFCP:[MD5.0BF8B5A2B1DA3451907EFFE138149BD4] - 11/04/2014 - 14:31:18 ---A- - C:\Windows\Prefetch\RELPOST.EXE-AC41CDAF.pf
O45 - LFCP:[MD5.BE93BE4DE625715C943A1896238589C5] - 13/04/2014 - 12:49:54 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.74868BF86E6EBA5D5629376A6C74181D] - 14/04/2014 - 02:28:41 ---A- - C:\Windows\Prefetch\NSTBD7A.TMP-FD6E115B.pf
O45 - LFCP:[MD5.D00568EE57B510338AF73C0C91504398] - 14/04/2014 - 02:29:49 ---A- - C:\Windows\Prefetch\NSOCB8E.TMP.EXE-992BF126.pf
O45 - LFCP:[MD5.54B1D910760EAAC8FB894CDA226B02DE] - 14/04/2014 - 02:29:52 ---A- - C:\Windows\Prefetch\NSZD714.TMP.EXE-1B265A03.pf
O45 - LFCP:[MD5.DDFD733A8E71F41C019C5C0148D1331B] - 14/04/2014 - 20:53:44 ---A- - C:\Windows\Prefetch\BANDIZIP64.EXE-B896758F.pf
O45 - LFCP:[MD5.298DCF133AB1E7DDA40F69222D6AE3A3] - 15/04/2014 - 06:07:26 ---A- - C:\Windows\Prefetch\CLTMNGUI.EXE-8AC9A995.pf
O45 - LFCP:[MD5.A24FFEE3254E6156FA19CF1115CDD668] - 15/04/2014 - 06:07:38 ---A- - C:\Windows\Prefetch\BLOCKANDSURF_WD.EXE-33BF3845.pf =>PUP.BlockAndSurf
O45 - LFCP:[MD5.B37E3D92032030646DB515153623A515] - 15/04/2014 - 06:07:39 ---A- - C:\Windows\Prefetch\BNSUP.EXE-2100DB8D.pf
O45 - LFCP:[MD5.E74291B8A7998401307B70DCB6146509] - 15/04/2014 - 06:08:08 ---A- - C:\Windows\Prefetch\TOASTNOTIFIER.EXE-271D6148.pf
O45 - LFCP:[MD5.233DCDE9470D6353BD1568BAB60741EB] - 15/04/2014 - 08:04:28 ---A- - C:\Windows\Prefetch\CLTMNG.EXE-C60707AC.pf
O45 - LFCP:[MD5.0B738F280421CA748826A13F64C5B075] - 15/04/2014 - 08:04:47 ---A- - C:\Windows\Prefetch\BLOCKANDSURF158.EXE-A49BB469.pf =>PUP.BlockAndSurf
O45 - LFCP:[MD5.555AD50BD2EFCC20DF10E4633E1105E5] - 15/04/2014 - 08:04:55 ---A- - C:\Windows\Prefetch\BLOCKNSURF.EXE-21D8C53A.pf =>PUP.BlockAndSurf
O45 - LFCP:[MD5.8C4CB2C2AAC94D88D98181A3901DFCBF] - 15/04/2014 - 10:00:13 ---A- - C:\Windows\Prefetch\OPTIMIZER ELITE MAX.EXE-FAB4A2FB.pf =>PUP.OptimizerEliteMax
O45 - LFCP:[MD5.F0A61115655CB0B42BD1E75CDE3C12C5] - 15/04/2014 - 12:10:27 ---A- - C:\Windows\Prefetch\SOFTWARECRASHHANDLER.EXE-5F240164.pf
O45 - LFCP:[MD5.5CCA4D6069B1A3366C3DA64BABE9A81F] - 15/04/2014 - 14:10:11 ---A- - C:\Windows\Prefetch\BO-JONG.EXE-B40F28DB.pf
O45 - LFCP:[MD5.A2F3EFDA6F5BC780A00B7D27EA6C9CF7] - 15/04/2014 - 14:21:46 ---A- - C:\Windows\Prefetch\FREESPIDER.EXE-0C6A8E81.pf
O45 - LFCP:[MD5.E42D88288870713DE02867FB953724DD] - 15/04/2014 - 15:29:03 ---A- - C:\Windows\Prefetch\UPDATE~1.EXE-23278905.pf
O45 - LFCP:[MD5.76E3E8436F54D2E4C627378547EB9E10] - 15/04/2014 - 17:05:47 ---A- - C:\Windows\Prefetch\HQVID1.9V4-BG.EXE-5A797215.pf =>PUP.CrossRider
O45 - LFCP:[MD5.F64484369AE48DAE57BD70EA026FFC21] - 15/04/2014 - 17:05:47 ---A- - C:\Windows\Prefetch\MEDIAPLAYERPLUS-BG.EXE-EA87D0B3.pf =>PUP.CrossRider
O45 - LFCP:[MD5.D5CBF12166B2CE819ABB7CB8E4CCC03C] - 15/04/2014 - 18:05:07 ---A- - C:\Windows\Prefetch\84FEC6D9-2FF8-4DF1-AF03-941A4-95A0062B.pf
O45 - LFCP:[MD5.E1A0DAF113A4EC65F866D1EB999F161D] - 15/04/2014 - 18:05:08 ---A- - C:\Windows\Prefetch\22CE1643-98BA-4B64-A980-C2AAB-97F2B639.pf
O45 - LFCP:[MD5.C7252DB153128BE6533A99DB172DE8A7] - 15/04/2014 - 18:05:12 ---A- - C:\Windows\Prefetch\22CE1643-98BA-4B64-A980-C2AAB-AB4870BE.pf
O45 - LFCP:[MD5.F31C0EA32D56F65F4EE8E122D2239B8A] - 15/04/2014 - 18:05:12 ---A- - C:\Windows\Prefetch\84FEC6D9-2FF8-4DF1-AF03-941A4-824A4BA6.pf
O45 - LFCP:[MD5.0A28FCFECF0979F32CB71CB950DA4412] - 15/04/2014 - 18:07:03 ---A- - C:\Windows\Prefetch\22CE1643-98BA-4B64-A980-C2AAB-849CFBB4.pf
O45 - LFCP:[MD5.AA89573EC30F1B1F63A3F8831661B2C8] - 15/04/2014 - 18:07:03 ---A- - C:\Windows\Prefetch\84FEC6D9-2FF8-4DF1-AF03-941A4-6EF49121.pf
O45 - LFCP:[MD5.C21B412EE5207D35CAE3D3B7D9E9DFB6] - 15/04/2014 - 18:08:23 ---A- - C:\Windows\Prefetch\MEDIAPLAYERPLUS-CODEDOWNLOADE-DD2EDCB8.pf =>PUP.CrossRider
O45 - LFCP:[MD5.C32091B81E7A1E28D31775C70BBBE86B] - 15/04/2014 - 18:14:37 ---A- - C:\Windows\Prefetch\TRIGGER.EXE-CA6FE474.pf
O45 - LFCP:[MD5.FBB6C5BC3FE3E6ABB4845AAE901AB591] - 15/04/2014 - 18:15:17 ---A- - C:\Windows\Prefetch\VOPACKAGE.EXE-6E13F4BF.pf =>Adware.Downware
O45 - LFCP:[MD5.419A8C19720C9B0BEDAECC94149BEBA9] - 15/04/2014 - 18:15:44 ---A- - C:\Windows\Prefetch\NSGC025.TMP-EC820B96.pf
O45 - LFCP:[MD5.06157C7B8EF909F0CE96DAC317C232B9] - 24/03/2014 - 10:51:32 ---A- - C:\Windows\Prefetch\123FREESOLITAIREFORCHILDREN.E-E0054983.pf
~ Prefetcher: 46 Legitimates Filtered in 00mn 02s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2E83D2621E87C493AB45DC6655BA77D4] - 17/08/2013 - 06:29:55 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:[MD5.A5F29AC2F0ADE8B995B49D7350CE3AC0] - 17/08/2013 - 06:29:56 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
O58 - SDL:[MD5.E86C64478D9A90D62255FE9EB0150C6E] - 17/08/2013 - 06:29:56 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175]
O58 - SDL:[MD5.E428DFFA96FAD07D8CA3C9082563A225] - 20/08/2013 - 06:02:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103576]
O58 - SDL:[MD5.AAF6F247F1DC370C593B4430974EAD9C] - 20/08/2013 - 06:02:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:[MD5.3248B5CC4AA7942EE7BC26F1EB00210B] - 20/08/2013 - 06:02:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudserd.sys [204568]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:[MD5.16E745743BABAF480B7718442F38B076] - 31/07/2012 - 20:28:54 ---A- . (.Windows (R) Win 7 DDK provider - Toshiba Hotkey Driver.) -- C:\Windows\System32\Drivers\Thotkey.sys [28632]
O58 - SDL:[MD5.A83B43AC95F83940E6AE0FB4023602B2] - 31/12/2013 - 16:47:28 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [41024]
~ Drivers: 19 Legitimates Filtered in 00mn 02s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 14/04/2014 - 20:13:48 ---A- . (...) -- C:\Users\Elisa\AppData\Local\SearchProtect\UI\rep\UIRepository.dat [12430] =>Toolbar.Conduit
O61 - LFC: 14/04/2014 - 20:13:55 ---A- . (...) -- C:\Users\Elisa\AppData\Roaming\mysearchdial\UpdateProc\info.dat [55] =>Adware.MyWebSearch
O61 - LFC: 14/04/2014 - 20:13:56 ---A- . (...) -- C:\Users\Elisa\AppData\Roaming\WB.CFG [41]
O61 - LFC: 14/04/2014 - 20:14:09 ---A- . (...) -- C:\Users\Elisa\Links\Desktop.lnk [486]
O61 - LFC: 14/04/2014 - 20:14:09 ---A- . (...) -- C:\Users\Elisa\Links\Downloads.lnk [937]
O61 - LFC: 14/04/2014 - 20:14:09 ---A- . (...) -- C:\Users\Elisa\Links\RecentPlaces.lnk [383]
O61 - LFC: 15/04/2014 - 20:13:48 ---A- . (...) -- C:\Users\Elisa\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat [104606] =>Toolbar.Conduit
O61 - LFC: 15/04/2014 - 20:13:48 ---A- . (...) -- C:\Users\Elisa\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat [1954] =>Toolbar.Conduit
O61 - LFC: 15/04/2014 - 20:13:51 ---A- . (...) -- C:\Users\Elisa\AppData\Roaming\Borak.Bo-Jong.Pref [73]
O61 - LFC: 15/04/2014 - 20:14:02 R--A- . (...) -- C:\Users\Elisa\Downloads\Indila - Mini World (Deluxe Edition 2014)\.MD5 [1742]
O61 - LFC: 15/04/2014 - 20:14:02 R--A- . (...) -- C:\Users\Elisa\Downloads\Indila - Mini World (Deluxe Edition 2014)\.m3u [1658]
O61 - LFC: 15/04/2014 - 20:14:02 R--A- . (...) -- C:\Users\Elisa\Downloads\Indila - Mini World (Deluxe Edition 2014)\.pls [2114]
O61 - LFC: 15/04/2014 - 20:14:03 -SHA- . (...) -- C:\Users\Elisa\Downloads\Indila - Mini World (Deluxe Edition 2014)\Thumbs.db [16384]
~ Files: 109 Legitimates Filtered in 00mn 42s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Bueno Search) - http://www.buenosearch.com =>PUP.BuenoSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (webssearches) - http://istart.webssearches.com =>Hijacker.WebsSearches
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} [DefaultScope] - (Conduit Search) - http://search.conduit.com
~ Keys: Scanned in 00mn 00s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "ADF563E0F909939438A862D14D868D26" . (.Boxore Client.) -- C:\windows\Installer\{0E365FDA-909F-4939-838A-261DD468D862}\boxore.ico =>Adware.Boxore
O90 - PUC: "C6AC1163ACF500943A92A6111832CCCF" . (.Bing Bar.) -- C:\windows\Installer\{3611CA6C-5FCA-4900-A329-6A118123CCFC}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 68 Legitimates Filtered in 00mn 00s
---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32 =>Adware.BrowseFox
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS =>Adware.BrowseFox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
~ BTK: 83 Legitimates Filtered in 00mn 00s
---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{11111111-1111-1111-1111-110511311172}] (HQVid1.9v4) =>PUP.CrossRider
[HKCR\CLSID\{11111111-1111-1111-1111-110511421146}] (MediaPlayerplus) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220522312272}] (CrossriderApp0053172.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220522422246}] (CrossriderApp0054246.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4925 Legitimates Filtered in 00mn 22s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 13/03/2014 1017424 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
SS - | Demand 23/07/2013 240288 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe =>Toolbar.Bing
SS - | Demand 10/07/1658 0 | (FSMA) . (...) - C:\Program Files (x86)\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 03/03/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/03/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/03/2014 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 10/04/2014 119408 | (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 10/04/2014 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 04/01/2013 116240 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe =>.Toshiba Corporation
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 08/08/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 13/03/2014 440400 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 13/03/2014 440400 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 23/07/2013 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe =>Toolbar.Bing
SR - | Auto 14/04/2014 143360 | (BlockAndSurf) . (...) - C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf158.exe =>PUP.BlockAndSurf
SR - | Auto 08/04/2014 2470688 | (CltMngSvc) . (.Conduit.) - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit
SR - | Auto 18/01/2013 188400 | (fshoster) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
SR - | Auto 31/12/2013 60352 | (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files (x86)\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe
SR - | Auto 07/10/2013 240736 | (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
SR - | Auto 13/10/2011 156672 | (GFNEXSrv) . (...) - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 27/03/2014 581568 | (ogmservice) . (.RealNetworks, Inc..) - C:\Program Files (x86)\Online Games Manager\ogmservice.exe
SR - | Auto 05/12/2012 201872 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Demand 27/07/2012 53384 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.Toshiba Corporation
SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 25/08/2012 291240 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Teco\TecoService.exe =>.Toshiba Corporation
SR - | Demand 28/07/2012 458152 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
SR - | Auto 08/04/2014 355328 | (vosr) . (...) - C:\Users\Elisa\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 26s
---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Elisa at 15/04/2014 20:18:38
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : 13044 - (14/04/2014)
Clés trouvées (Keys found) : 263
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 19
Fichiers trouvés (Files found) : 51
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511311172}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}] =>Adware.MyWebSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\BlockAndSurf] =>PUP.BlockAndSurf^
[HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc] =>Toolbar.Conduit^
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update) (Software_update] =>Adware.Boxore^
[HKLM\SYSTEM\CurrentControlSet\Services\vosr] =>Adware.Downware^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1] =>PUP.Activeris^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect] =>PUP.AnyProtect^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\f2d51b4c-2921-4a51-a0e0-efc3cbf492b8] =>PUP.BlockAndSurf^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E365FDA-909F-4939-838A-261DD468D862}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HQVid1.9v4] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Elite Max_is1] =>PUP.OptimizerEliteMax^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage] =>Adware.Downware^
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{6deee498-08cc-43f0-bca0-dbb5a25c9501}] =>Trojan.FakeAlert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}] =>Trojan.FakeAlert
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}] =>Trojan.FakeAlert
[HKLM\Software\Classes\CLSID\{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}] =>Trojan.FakeAlert
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}] =>Adware.MyWebSearch
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASAPI32] =>Adware.BrowseFox
[HKLM\Software\Microsoft\Tracing\updateBrowseFox_RASMANCS] =>Adware.BrowseFox
[HKLM\Software\Classes\CrossriderApp0053172.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0053172.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0053172.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0053172.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0054246.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0054246.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0054246.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0054246.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110511311172}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110511421146}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220522312272}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220522422246}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0053172.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0053172.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0053172.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0053172.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0054246.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0054246.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0054246.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0054246.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110511311172}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110511421146}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220522312272}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220522422246}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511311172}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0124B064795BB484FA494FC7CF204C0C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F8E7504D2D2644AB1185234D2AD5AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04CDEDFDD6EF25443B78A49D1FE5B4F2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\058911EBC07BAAE42B102E3F4B0D070D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05CE306CC244D284D8D8090E404CD7D3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\089527E77AD22E345B0066D226E44F46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BD0B15D6F0C2BF428B339B2D2D732C9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C1AAA506D92B2D44BD6FEF6CDFB71E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CAEC9AFF1716FF4DBACEED82F88C702] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DD4444CBC682774C8E573CC73C5BC46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F68250201451D64EA71E91BA19832DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\126FFC99A0F214F41AE2D6C7A0FC09BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F72EF2521177A4BB467FF35A881382] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14873772FE3926F4195C9280D52D3486] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14CF11D787D40BF458A3B5CB123733CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\163A5460E4FB18343B4C0B781B27E813] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1705977FCB2F22F4D8A9AB847C3FB9CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19F133B6A0BA9B14493CE47703DF4CF3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C735C7A54F53574CA5AEA93D0D1F01E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1CE2260B068265A488410CA171D93778] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DF1DD2609A2135479C19D72E41B64AA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F72D9058D0863E4F8EB9FE6E980C385] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2217D47FAFB0AC547820199B3A026CFB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C5FD2815F5C7C4DB5F34F504BF9D96] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26CF57FC035624845B9005289DFA1448] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2719056FB4CDD294887140382819FFF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2956CB28F45AAF746998774B3C9FF012] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AD5E582EBA9ED54989A134D9250922B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BB672F8D2CA64146B6688371E75C986] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA450B923F9C4D4BBEB203648FBFFDC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ECA942EFDBD22B4EBB7FE3AB9EDDBDD] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F055C41FDCA50A43BE42A96D243AD47] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F4EE319A22490145BC4AEBC53B616CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31E430E345D85D54CA33BC88AEFDB9D8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\358096DA35E67B5479C2E880DF0C10C1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37345F678B330594E9E4AC16908F78CF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38641BF101151094F86DD62B534BDEC4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38762340C83E6764B87807B67154F5A4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3984BAF27BDA0DC4D8AED19FCB64BD7D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D82200490995CE42AB754DCD90AC44D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E9F0E4315A35D741873885200C6A454] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F261C3E5AD56E54598E24B106813C7E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40D753328E77EE842A82631EED62CEC5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40FDEFB25883CF140B9B5F89CB7E2871] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\412179CD2126BB34CAE51691856A3D68] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43218F63264345445A73071C174FEEE8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\439E8A02B7736CA488EECE28D7EE961A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\456D8CED0106E1649AE5CBD8082AC705] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\459277E8A0EE8894F9D7F807DF90506A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\463372A470C576443AE8802B1AC61D89] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48F13E425ECD5F243A8A82AA2B65336D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B6F3AD0EE690D2478C7D0528AADF8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BB9D431259E08A499469636383B9935] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D3B0714BC82B2340AB18C031262573D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D5809867D6C1D14180511D3AAD03F79] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DB13DED48DC4494C90DE800D31B086C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\52C608FC2A61CCE479768A9719CABF7B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56861F0CE995D0E45835F5D31E105D54] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58E44D082625757499995F9516313A9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A52F724764B00747A637F14FBBBB830] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B19839CB98BB914BA43E863BBE11B4E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\613DCE6E373581A40B6C88D4F7C09096] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6292C097F9759424BAFA3E32CD3DD562] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62C171206461ED34885A4AE095F4A7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\63E9F48D88AA940498502E29E3747471] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64747EAAAE2BA5141AEBCF4F6651A144] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6494B0B34076D6248B6E5F42E3252AD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6495111F730311440BBC3AAAF3B8C7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65273BD75ADFA9146A0950469941299A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6543EA2E8E729CF4789BCD7361D58C03] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\658DABBCADB609E429A6769C46FAADD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67A614CC45D7C5845BE2184211CC8F9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B6581D2CF6BB444D8ACBF79E3AF425B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0DB201BFD71284CB8CA279446863E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EA4E994723ECC940AE01A2507673199] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F2331E07AF9B414DB15E2E7BAB7F880] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F3E6739E6CECC64D9B7E5D24CF60746] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73268B3F6C2206C4BAF14E3C5B4BC494] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73D229597C7281E409FDEB3079E30E5A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75A49DF39158638428A0F7797D4CD1E6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D223AE12684124794DD7D3FB067886] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76937F723CDCAB547A9791D60867A5B5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78AD011E92C0B7D4A86E41451EC7A0F0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79080E81959ECB54E9E7B3C67AE5781A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8B37070412F4D47895AA40EFC2E39A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F84DAA817EC0AB409DFE802184D5B09] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82F14F44AA63A5945A2E960EF018794E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\831071FAC16E2DA4682F55E0B0DE6979] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83D0F8F1641145A42B26F71D534E9A34] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\84072C174C7F25148BFB33ADE8C704E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\872C7B3D2887D4E4EBF645D7AB9374D1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C00987A23C36B145AB60EE274936EB3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D736B12592E2E94094267BC5B7AA7EB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F3E0221A8351144BB04AEF5266143CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90E77522D1656DA4DABC673942243B44] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\920219BD6C542544893D7ECFCB5E2B6B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\939840D09446FFF459FA6CB4F03C38BE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9459BDD3A7C686345A9B7A1AD1CC6BE4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95AC1A94BAFFE3D41B23B2097BA8B190] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\983EBB458AA802846BBC74D26C3209C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BlockNSurf =>PUP.BlockAndSurf^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb} =>Trojan.FakeAlert
C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris^
C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect^
C:\Program Files (x86)\BlockAndSurf Corp =>PUP.BlockAndSurf^
C:\Program Files (x86)\Boxore =>Adware.Boxore^
C:\Program Files (x86)\HQVid1.9v4 =>PUP.CrossRider^
C:\Program Files (x86)\Mysearchdial =>Adware.MyWebSearch^
C:\Program Files (x86)\Optimizer Elite Max =>PUP.OptimizerEliteMax^
C:\ProgramData\Activeris =>PUP.Activeris^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\Trymedia =>Adware.Trymedia^
C:\Users\Elisa\AppData\Roaming\Activeris =>PUP.Activeris^
C:\Users\Elisa\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
C:\Users\Elisa\AppData\Roaming\Optimizer Elite Max =>PUP.OptimizerEliteMax^
C:\Users\Elisa\AppData\Roaming\VOPackage =>Adware.Downware^
C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect^
C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware^
C:\Program Files (x86)\SearchProtect =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\Elisa\AppData\Local\SearchProtect =>Toolbar.Conduit
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe =>Toolbar.Conduit^
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe =>Toolbar.Conduit^
C:\Program Files (x86)\BlockAndSurf Corp\BlockAndSurf_wd.exe =>PUP.BlockAndSurf^
C:\Program Files (x86)\BlockAndSurf Corp\BlockNSurf.exe =>PUP.BlockAndSurf^
C:\Users\Elisa\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\program files (x86)\hqvid1.9v4\hqvid1.9v4-bg.exe =>PUP.CrossRider^
C:\program files (x86)\mediaplayerplus\mediaplayerplus-bg.exe =>PUP.CrossRider^
C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
C:\Windows\Tasks\BlockAndSurf Update.job =>PUP.BlockAndSurf^
C:\Windows\Tasks\BlockAndSurf_wd.job =>PUP.BlockAndSurf^
C:\Windows\Tasks\MySearchDial.job =>Adware.MyWebSearch^
C:\Windows\Tasks\PCHelpers1st.job =>PUP.OptimizerEliteMax^
C:\Windows\Tasks\PCHelpers_period.job =>PUP.OptimizerEliteMax^
C:\Program Files (x86)\HQVid1.9v4\HQVid1.9v4-codedownloader.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-2.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQVid1.9v4\22ce1643-98ba-4b64-a980-c2aab93c58af-4.exe =>PUP.CrossRider^
C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe =>PUP.CrossRider^
C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-2.exe =>PUP.CrossRider^
C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\MediaPlayerplus\84fec6d9-2ff8-4df1-af03-941a44d5d8f4-4.exe =>PUP.CrossRider^
C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.AnyProtect^
C:\Program Files (x86)\BlockAndSurf Corp\BnSup.exe =>PUP.BlockAndSurf^
C:\Users\Elisa\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.exe =>Adware.MyWebSearch^
C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe =>PUP.OptimizerEliteMax^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
[HKCU\Software\Activeris] =>PUP.Activeris^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax^
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday^
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris^
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday^
[HKCR\CLSID\{11111111-1111-1111-1111-110511311172}] (HQVid1.9v4) =>PUP.CrossRider^
[HKCR\CLSID\{11111111-1111-1111-1111-110511421146}] (MediaPlayerplus) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220522312272}] (CrossriderApp0053172.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220522422246}] (CrossriderApp0054246.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
C:\Users\Elisa\AppData\Local\Temp\BoxoreInstaller.exe =>Adware.Boxore
C:\Users\Elisa\AppData\Local\Temp\GoogleToolbarInstaller1.log =>PUP.Babylon
C:\Users\Elisa\AppData\Local\Temp\GoogleToolbarInstaller2.log =>PUP.Babylon
C:\Users\Elisa\AppData\Local\Temp\nse961F.exe =>Toolbar.Conduit
C:\Users\Elisa\AppData\Local\Temp\nsy174E.exe =>Toolbar.Conduit
C:\Users\Elisa\AppData\Local\Temp\SPSetup.exe =>Toolbar.Conduit
C:\Users\Elisa\AppData\Local\Temp\uttBDA9.tmp.exe =>Toolbar.Conduit
~ Additionnel Scan: 235036 Items scanned in 01mn 26s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.webs.com/apps/blog/show/41962428-hijacker-webssearches =>Hijacker.WebsSearches
http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.webs.com/apps/blog/show/41903075-pup-activeris =>PUP.Activeris
http://nicolascoolman.webs.com/apps/blog/show/41695344-pup-optimizerelitemax =>PUP.OptimizerEliteMax
http://nicolascoolman.webs.com/apps/blog/show/41695065-pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.webs.com/apps/blog/show/33388048-pup-vuupc =>PUP.VuuPC
http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro =>PUP.OptimizerPro
http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/26690384-adware-downware =>Adware.Downware
http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>AgenceExclusive
http://nicolascoolman.webs.com/apps/blog/show/33340107-adware-freesofttoday =>Adware.FreeSoftToday
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9
http://nicolascoolman.webs.com/apps/blog/show/34153565-pup-buenosearch =>PUP.BuenoSearch
http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox =>Adware.BrowseFox
http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ MSI: 24 link(s) detected in 00mn 00s
~ 1334 Legitimates filtered by white list
End of the scan (1036 lines in 12mn 36s)(0)