Document format: text/plain

~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31/05/2015)
~ Lancé par FARQUE (07/06/2015 13:41:56)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17801
GCIE: Google Chrome v43.0.2357.81
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\ Logiciels de protection du système
AVG 2012 v12.0.2112
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 ActiveX
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4063 MB (30% free)
System Restore: Activé (Enable)
System drive C: has 329 GB (72%) free of 453 GB

---\\ Mode de connexion au système
~ Computer Name: FARQUE-PC
~ User Name: FARQUE
~ All Users Names: HomeGroupUser$, FARQUE, Alizee, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\FARQUE\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\FARQUE\AppData\Roaming\
~ %Desktop% : C:\Users\FARQUE\Desktop\
~ %Favorites% : C:\Users\FARQUE\Favorites\
~ %LocalAppData% : C:\Users\FARQUE\AppData\Local\
~ %StartMenu% : C:\Users\FARQUE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 329 Go of 453 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 03s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2015 - 16:27:25.) -- C:\Windows\System32\wininet.dll [2352128]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 20s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/7785
~ Mes musiques (My Musics) : 1/936
~ Mes Favoris (My Favorites) : 1/59
~ Mes Documents (My Documents) : 2/1166
~ Mon Bureau (My Desktop) : 1/525
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 02mn 00s



---\\ Processus lancés
[MD5.B76756198468FDC616B3EBAFD5268496] - (.SearchProtect - CmdShell.exe.) -- C:\Program Files (x86)\XTab\cmdshell.exe [29312] [PID.2308] =>PUP.SearchProtect
[MD5.DA7D56A0035EB4EBECC148B6CA9B7BED] - (.XTab system - SupHPNot.exe.) -- C:\Program Files (x86)\XTab\HPNotify.exe [674432] [PID.2452]
[MD5.C65B115A03DB0260895DE96681E88221] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [128296] [PID.5100]
[MD5.B508A4EE516D905730458BB50B79979B] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [206120] [PID.2060]
[MD5.3E6015A850AF29B4EF13B88D0E125E81] - (.Pas de propriétaire - jiknuefg.) -- C:\ProgramData\Ahruexlot\1.0.1.0\jiknuefg.exe [155648] [PID.3256]
[MD5.538DC2E997F4EFCABE4DEE6655A1AFB9] - (...) -- C:\Users\FARQUE\AppData\Local\gmsd_fr_596\upgmsd_fr_596.exe [3318728] [PID.3816] =>PUP.CrossRider
[MD5.596C3DD487001E237CCE431EAE6F3EA0] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144] [PID.5600]
[MD5.CCF2234A35077CA217A61C9CACC48198] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392] [PID.5620]
[MD5.A847B258D12B6D1BB124BD5DEBB05162] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Users\FARQUE\Desktop\TomTom HOME 2\TomTomHOMERunner.exe [247728] [PID.5656]
[MD5.E72E98FEB4160E8B40075604EFC723EC] - (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe [1067232] [PID.5732]
[MD5.CA595FA53E6C797EC1AB43AFB4B4F183] - (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816] [PID.6008]
[MD5.096407F0CB75519F4DBFBA5BB413187B] - (.Apple Inc. - iCloud Photos.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816] [PID.3652]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [270336] [PID.5528]
[MD5.8F89E6CB82E6DB45BC993D423CD0FDBD] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [323640] [PID.5424]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576] [PID.4688]
[MD5.47EA5F76FAB723C61AB4A0D79BAD512C] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176] [PID.4508]
[MD5.545676F48851A5C65A38CAE5B5518C95] - (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816] [PID.5988]
[MD5.EB29F881F7B1151840266A54DCE71740] - (.Babylon Ltd. - Babylon Information Tool.) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe [3346544] [PID.5960] =>PUP.Babylon
[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.5344]
[MD5.31B522014FC560C122CDFA72D47CA940] - (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272] [PID.3240]
[MD5.153F088DFDB3F940AD9DAEB04A3ACC4D] - (.SoftBrain Technologies Ltd. - SmartWeb helper.) -- C:\Users\FARQUE\AppData\Local\SmartWeb\SmartWebHelper.exe [270368] [PID.3940] =>PUP.SmartWeb
[MD5.DFABD45F0D7665E88C617A6FC93F57EC] - (...) -- C:\Program Files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\IEWLauncher.exe [251344] [PID.720]
[MD5.F9DBF3899AC1691E12D9C03D9AF484BD] - (...) -- C:\Program Files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\OrangeStats.exe [772048] [PID.1088]
[MD5.B243A59D480C566255E11DEADF7D264C] - (.Pas de propriétaire - Notifier Orange.) -- C:\Program Files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\SmsNotifier.exe [1674192] [PID.4468]
[MD5.BAA1780D73BFA212D97851FCD43F1DA3] - (...) -- C:\Program Files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\HSSModule.exe [419280] [PID.5740]
[MD5.44069C2AC699C8DAD80A96FB1C8DFE57] - (.SoftBrain Technologies Ltd. - SmartWeb Application.) -- C:\Users\FARQUE\AppData\Local\SmartWeb\SmartWebApp.exe [557088] [PID.6348] =>PUP.SmartWeb
[MD5.BDEFC081D02C162DCB90738BE432D66B] - (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504] [PID.7004]
[MD5.D88B2D487439305A2EC308A6796C3044] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3024]
[MD5.0DE3C7622EC33126579B1742260F08C2] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe [632888] [PID.7636]
[MD5.0D2C876297AD054C1F9597956501FE11] - (...) -- C:\Program Files (x86)\Optimizer Pro 3.95\OptProReminder.exe [893072] [PID.7768] =>PUP.OptimizerPro
[MD5.01BCC98FC10E8AE9378979C6A328E1D8] - (.Pas de propriétaire - Generic Setup Component.) -- C:\Users\FARQUE\AppData\Local\Temp\nsh6E20.tmp [285836] [PID.3036]
[MD5.28F1565229C7DA1F092EF6C63648AC70] - (...) -- C:\Users\FARQUE\AppData\Local\gmsd_fr_610\upgmsd_fr_610.exe [3295688] [PID.6672] =>PUP.CrossRider
[MD5.14B1D2A3A4B5F74541292DE251244F66] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\Crossbrowse.exe [796672] [PID.4484] =>PUP.CrossBrowser
[MD5.2DD8B60C0263ECE4DB2F67D7FDDB0806] - (...) -- C:\Users\FARQUE\AppData\Local\Temp\nsz51D8.tmp [229153] [PID.9008]
[MD5.7E0B4C8EFEDDEBE87D2A1F5A33B965B5] - (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104] [PID.3060]
[MD5.CA0E11991CD1E398E6BBAEF22F4717D5] - (.Cinema PlusV06.06 - CinemaPlus-3.2cV06.06 exe.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10.exe [1543248] [PID.212] =>PUP.CrossRider
[MD5.C37E4488B52C36E603E5C6975DF2C1FE] - (.Cinema PlusV03.06 - CinemaPlus-4.2vV03.06 exe.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-10.exe [1567312] [PID.8920] =>PUP.CrossRider
[MD5.6BE1F78CFD5CC54B03091F86829A61E2] - (.Smart Applications - speed browser.) -- C:\Program Files (x86)\speed browser\Application\browser.exe [801280] [PID.4248] =>PUP.SpeedBrowser
[MD5.1847FBE0F19FFBAEBB32F2CC91F3C903] - (...) -- C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe [4461616] [PID.892] =>PUP.SuperOptimizer
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8214016] [PID.8144]
[MD5.5FEAB868CAEDBBD1B7A145CA8261E4AA] - (.Microsoft Corporation - Rapports de problèmes Windows.) -- C:\Windows\SysWOW64\werfault.exe [360448] [PID.3228]
[MD5.2A474C9DBB9FBAC669D86149F7CE5FF3] - (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [134824] [PID.4432]
[MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704] [PID.1724]
[MD5.608D6A90E989C6522F170E5526A64BF4] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1812]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.2004]
[MD5.D167D7075524F721D8D2211A563591FB] - (.XTab system - ProtectSvc.exe.) -- C:\Program Files (x86)\XTab\ProtectService.exe [157824] [PID.2120]
[MD5.D1AFCCBC2BC504F9F0C70B058EBE344B] - (.Infonaut - Infonaut Client Service.) -- C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe [278600] [PID.2256] =>PUP.Infonaut
[MD5.8474BEDF3A84A178AE2948C1A0244BA4] - (...) -- C:\Users\FARQUE\AppData\Roaming\VOPackage\VOsrv.exe [664064] [PID.2384] =>Adware.Downware
[MD5.83D8BE94E1CBCBE2EA8372DB1A95A159] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2432]
[MD5.498EB62A160674E793FA40FD65390625] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.2756]
[MD5.839E88DB24D2D8F05B72E12B175951CA] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2228008] [PID.2932]
[MD5.BADA4A2F1FAC4078389F4C710C9D3E29] - (...) -- C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe [1073152] [PID.1996]
[MD5.A67A39198E9EAC37684F2816247E738F] - (.Rational Thought Solutions - HealthAlert Service.) -- C:\ProgramData\PxhhgZJtDhu\SWtEuNkFKl.exe [2731504] [PID.3676] =>PUP.HealthAlert
[MD5.28391B69DF7CF32AD424D9F41ECE601E] - (.Cinema PlusV03.06 - CinemaPlus-4.2vV03.06 exe.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6.exe [1380432] [PID.3892] =>PUP.CrossRider
[MD5.63D3035C741338CFFA212CD7575C152A] - (.Cinema PlusV03.06 - CinemaPlus-4.2vV03.06 exe.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-6.exe [1513552] [PID.3928] =>PUP.CrossRider
[MD5.9B7EDD3FE7C211C36E921D34D18A3A0A] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1001376] [PID.3480]
[MD5.F9A79C5B27037821112C50A9C8FB367A] - (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [228408] [PID.6864]
[MD5.97372CBC9D69C0CBCA1915FD60C7E35D] - (.Cinema PlusV06.06 - CinemaPlus-3.2cV06.06 exe.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6.exe [1494608] [PID.8312] =>PUP.CrossRider
[MD5.AC6451E68EDC7EF1443D659C8BD69D61] - (.Cinema PlusV06.06 - CinemaPlus-3.2cV06.06 exe.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6.exe [1512016] [PID.7000] =>PUP.CrossRider
[MD5.3C14AAE26EA06BADAC98520773772CEB] - (.globalUpdate - globalUpdate Update.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] [PID.9872] =>PUP.GlobalUpdate
[MD5.17506246A7580B0CA771EC6E17B0011F] - (...) -- C:\Program Files (x86)\Edu App\updateEduApp.exe [473320] [PID.7476] =>PUP.Optional
[MD5.B84DC244D2D4EB9C8D141CAEF41D1087] - (.Pas de propriétaire - SGGLFX.) -- C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancer.exe [284672] [PID.1692]
~ Processes Running: Scanned in 01mn 20s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\FARQUE\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 5 Legitimates Filtered in 00mn 51s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com =>PUP.StartSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com =>PUP.StartSearch
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com =>PUP.StartSearch
R3 - URLSearchHook: UrlSearchHook Class [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (.Ask - Ask Toolbar.) (5.14.1.20007) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
~ IE Browser: 19 Legitimates Filtered in 00mn 05s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:52568;https=127.0.0.1:52568 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 06s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 14s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Babylon toolbar helper [64Bits] - {2EECD738-5844-4a99-B4B6-146BF802613B} . (.Babylon BHO - Pas de description.) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll =>PUP.Babylon
O2 - BHO: LuckyTab Class [64Bits] - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\XTab\SupTab.dll =>PUP.LuckyTab
O2 - BHO: AOL Toolbar BHO [64Bits] - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Babylon IE plugin [64Bits] - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} . (.Babylon Ltd. - Babylon Internet Explorer Addin.) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll =>PUP.Babylon
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
O2 - BHO: Edu App 1.0.0.7 [64Bits] - {ebfbdd44-c0e0-4f63-a8e6-ee5f34765238} . (.Edu App - Edu App.) -- C:\Program Files (x86)\Edu App\EduAppbho.dll =>PUP.Optional
~ BHO: 22 Legitimates Filtered in 01mn 59s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{DE9C389F-3316-41A7-809B-AA305ED9D922} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 54s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Babylon.lnk . (.Babylon Ltd. - Babylon Information Tool.) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe =>PUP.Babylon
O4 - GS\Desktop [Public]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com =>PUP.StartSearch
O4 - GS\Desktop [Public]: speed browser.lnk . (.Smart Applications - speed browser.) -- C:\Program Files (x86)\speed browser\Application\browser.exe =>PUP.SpeedBrowser
O4 - GS\Desktop [Public]: WindeskWinsearch.lnk . (.Windesk Winsearch - Windesk Winsearch.) -- C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe =>PUP.WindeskWinsearch
O4 - GS\QuickLaunch [FARQUE]: Babylon.lnk . (.Babylon Ltd. - Babylon Information Tool.) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe =>PUP.Babylon
O4 - GS\QuickLaunch [FARQUE]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - GS\QuickLaunch [FARQUE]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com =>PUP.StartSearch
O4 - GS\QuickLaunch [FARQUE]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com =>PUP.StartSearch
O4 - GS\QuickLaunch [FARQUE]: speed browser.lnk . (.Smart Applications - speed browser.) -- C:\Program Files (x86)\speed browser\Application\browser.exe =>PUP.SpeedBrowser
O4 - GS\TaskBar [FARQUE]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - GS\TaskBar [FARQUE]: speed browser.lnk . (.Smart Applications - speed browser.) -- C:\Program Files (x86)\speed browser\Application\browser.exe =>PUP.SpeedBrowser
O4 - GS\Program [FARQUE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com =>PUP.StartSearch
O4 - GS\SystemTools [FARQUE]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com =>PUP.StartSearch
O4 - GS\Desktop [FARQUE]: AnyProtect.lnk . (.AnyProtect.com - AnyProtect.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.AnyProtect
O4 - GS\Desktop [FARQUE]: Internet.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com =>PUP.StartSearch
O4 - GS\Desktop [FARQUE]: Optimizer Pro.lnk . (...) -- C:\Program Files (x86)\Optimizer Pro 3.95\OptimizerPro.exe =>PUP.OptimizerPro
O4 - GS\Desktop [FARQUE]: Super Optimizer.lnk . (...) -- C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe =>PUP.SuperOptimizer
~ Global Startup: 21 Legitimates Filtered in 02mn 02s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [FARQUE]: crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - GS\Startup [FARQUE]: SmartWeb.lnk . (.SoftBrain Technologies Ltd. - SmartWeb helper.) -- C:\Users\FARQUE\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWeb
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Windesk Winsearch] . (.Windesk Winsearch - Windesk Winsearch.) -- C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe =>PUP.WindeskWinsearch
O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Users\FARQUE\Desktop\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Badoo Desktop] . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - iCloud Photos.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [Super Optimizer] . (...) -- C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe =>PUP.SuperOptimizer
O4 - HKCU\..\Run: [Optimizer Pro] . (...) -- C:\Program Files (x86)\Optimizer Pro 3.95\OptProLauncher.exe =>PUP.OptimizerPro
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6E5D734F8743C00C12673D99E9D72591] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil64_17_0_0_169_ActiveX.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [HPCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePRCShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [WirelessAssistant] . (.Hewlett-Packard - HP Wireless Assistant Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [IP Network] . (.Pas de propriétaire - launch_networker.) -- C:\Program Files (x86)\InstallPedia\lnetworker.exe =>Adware.InstallPedia
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Babylon Client] . (.Babylon Ltd. - Babylon Information Tool.) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe =>PUP.Babylon
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
O4 - HKLM\..\Wow6432Node\Run: [Start_Icon225_IEWLauncher] . (...) -- C:\Program Files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\IEWLauncher.exe
O4 - HKLM\..\Wow6432Node\Run: [Start_Update] . (.Pas de propriétaire - Orange Updater.) -- C:\Program Files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\UpdteApp.exe
O4 - HKLM\..\Wow6432Node\Run: [Start_Statistics] . (...) -- C:\Program Files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\OrangeStats.exe
O4 - HKLM\..\Wow6432Node\Run: [Start_SMSNotifier] . (.Pas de propriétaire - Notifier Orange.) -- C:\Program Files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\SmsNotifier.exe
O4 - HKLM\..\Wow6432Node\Run: [Start_HSSModule] . (...) -- C:\Program Files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\HSSModule.exe
O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [WinCheck] . (...) -- C:\Users\FARQUE\AppData\Local\39464E43-1433317485-5931-344A-00269E94F367\bnss1997.exe =>PUP.Wincheck
O4 - HKLM\..\Wow6432Node\Run: [SmartWeb] . (.SoftBrain Technologies Ltd. - SmartWeb helper.) -- C:\Users\FARQUE\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWeb
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_596] . (...) -- C:\Program Files (x86)\gmsd_fr_596\gmsd_fr_596.exe =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_610] . (...) -- C:\Program Files (x86)\gmsd_fr_610\gmsd_fr_610.exe =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_fr_596.exe] . (...) -- C:\Users\FARQUE\AppData\Local\gmsd_fr_596\upgmsd_fr_596.exe =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_fr_610.exe] C:\Users\FARQUE\AppData\Local\gmsd_fr_596\upgmsd_fr_610.exe (.not file.) =>PUP.CrossRider
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Users\FARQUE\Desktop\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [Badoo Desktop] . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - iCloud Photos.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [Super Optimizer] . (...) -- C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe =>PUP.SuperOptimizer
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [Optimizer Pro] . (...) -- C:\Program Files (x86)\Optimizer Pro 3.95\OptProLauncher.exe =>PUP.OptimizerPro
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\Run: [GoogleChromeAutoLaunch_6E5D734F8743C00C12673D99E9D72591] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - HKUS\S-1-5-21-1206643078-3300998638-109981627-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil64_17_0_0_169_ActiveX.exe
~ Application: Scanned in 00mn 12s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
~ IE Extra Buttons: Scanned in 00mn 01s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} ((no name)) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A85216A-A00A-4337-8E18-8DA6168B5A24}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CCS\Services\Tcpip\..\{68988A50-15BD-447B-8036-994E7EB27CEB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{88DA55AD-6C8E-4115-9C41-C6C98962C082}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC246E70-4B08-44B4-9681-FF98E7B08E5B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A85216A-A00A-4337-8E18-8DA6168B5A24}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS1\Services\Tcpip\..\{68988A50-15BD-447B-8036-994E7EB27CEB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{88DA55AD-6C8E-4115-9C41-C6C98962C082}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS1\Services\Tcpip\..\{DC246E70-4B08-44B4-9681-FF98E7B08E5B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1A85216A-A00A-4337-8E18-8DA6168B5A24}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS2\Services\Tcpip\..\{68988A50-15BD-447B-8036-994E7EB27CEB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{88DA55AD-6C8E-4115-9C41-C6C98962C082}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS2\Services\Tcpip\..\{DC246E70-4B08-44B4-9681-FF98E7B08E5B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: OptimizerPro Monitoring (caa89563) . (...) - c:\Program Files (x86)\Optimizer Pro 3.95\OptProMon.dll =>PUP.OptimizerPro
O23 - Service: SuperOptimizer Stats (cae99edb) . (...) - c:\Program Files (x86)\Super Optimizer\SupOptStats.dll =>PUP.SuperOptimizer
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate
O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files (x86)\XTab\ProtectService.exe =>Adware.AgentODR
O23 - Service: Infonaut 1.10.0.14 Client Service (insvc_1.10.0.14) . (.Infonaut - Infonaut Client Service.) - C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut
O23 - Service: Computer Receive (lecozydy) . (...) - C:\Users\FARQUE\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
O23 - Service: Update Edu App (Update Edu App) . (...) - C:\Program Files (x86)\Edu App\updateEduApp.exe =>PUP.Optional
O23 - Service: Util Edu App (Util Edu App) . (...) - C:\Program Files (x86)\Edu App\bin\utilEduApp.exe =>PUP.Optional
O23 - Service: WaInternetEnhancer Service (WaInternetEnhancer Service) . (...) - C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe
~ Services: 24 Legitimates Filtered in 14mn 40s



---\\ Tâches planifiées en automatique (O39)
[MD5.28391B69DF7CF32AD424D9F41ECE601E] [APT] [1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6] (.Cinema PlusV03.06.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6.exe [1380432] =>PUP.CrossRider
[MD5.5E5FF5512D0967C74794FCDA50BD594D] [APT] [1797602d-4c87-4855-8597-52c5b4cf0bc5-1-7] (.Cinema PlusV03.06.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-7.exe [1137744] =>PUP.CrossRider
[MD5.C37E4488B52C36E603E5C6975DF2C1FE] [APT] [1797602d-4c87-4855-8597-52c5b4cf0bc5-10_user] (.Cinema PlusV03.06.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-10.exe [1567312] =>PUP.CrossRider
[MD5.9A76885A161FBBCC8AC02AA398D050FA] [APT] [1797602d-4c87-4855-8597-52c5b4cf0bc5-3] (.Cinema PlusV03.06.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-3.exe [1478736] =>PUP.CrossRider
[MD5.BECA57B59AA3EBC9DD07A170697ED256] [APT] [1797602d-4c87-4855-8597-52c5b4cf0bc5-5] (.Cinema PlusV03.06.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-5.exe [1206864] =>PUP.CrossRider
[MD5.BECA57B59AA3EBC9DD07A170697ED256] [APT] [1797602d-4c87-4855-8597-52c5b4cf0bc5-5_user] (.Cinema PlusV03.06.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-5.exe [1206864] =>PUP.CrossRider
[MD5.63D3035C741338CFFA212CD7575C152A] [APT] [1797602d-4c87-4855-8597-52c5b4cf0bc5-6] (.Cinema PlusV03.06.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-6.exe [1513552] =>PUP.CrossRider
[MD5.5E5FF5512D0967C74794FCDA50BD594D] [APT] [1797602d-4c87-4855-8597-52c5b4cf0bc5-7] (.Cinema PlusV03.06.) -- C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-7.exe [1137744] =>PUP.CrossRider
[MD5.AC6451E68EDC7EF1443D659C8BD69D61] [APT] [1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6] (.Cinema PlusV06.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6.exe [1512016] =>PUP.CrossRider
[MD5.F09A3681F53C008FDD27932646A3975B] [APT] [1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-7] (.Cinema PlusV06.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-7.exe [1015888] =>PUP.CrossRider
[MD5.CA0E11991CD1E398E6BBAEF22F4717D5] [APT] [1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10_user] (.Cinema PlusV06.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10.exe [1543248] =>PUP.CrossRider
[MD5.19C8083DB429CE5ED4EA11587CADB338] [APT] [1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-3] (.Cinema PlusV06.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-3.exe [1311312] =>PUP.CrossRider
[MD5.78DECB9F87743223BA203F1180476467] [APT] [1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5] (.Cinema PlusV06.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5.exe [1068624] =>PUP.CrossRider
[MD5.78DECB9F87743223BA203F1180476467] [APT] [1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5_user] (.Cinema PlusV06.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5.exe [1068624] =>PUP.CrossRider
[MD5.97372CBC9D69C0CBCA1915FD60C7E35D] [APT] [1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6] (.Cinema PlusV06.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6.exe [1494608] =>PUP.CrossRider
[MD5.F09A3681F53C008FDD27932646A3975B] [APT] [1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-7] (.Cinema PlusV06.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-7.exe [1015888] =>PUP.CrossRider
[MD5.3E6015A850AF29B4EF13B88D0E125E81] [APT] [Ahruexlot] (...) -- C:\ProgramData\Ahruexlot\1.0.1.0\jiknuefg.exe [155648]
[MD5.2691439FAC40F46C937BB684A3AE2E0F] [APT] [APSnotifierPP1] (.AnyProtect.com.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [6434816] =>PUP.AnyProtect
[MD5.2691439FAC40F46C937BB684A3AE2E0F] [APT] [APSnotifierPP2] (.AnyProtect.com.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [6434816] =>PUP.AnyProtect
[MD5.2691439FAC40F46C937BB684A3AE2E0F] [APT] [APSnotifierPP3] (.AnyProtect.com.) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [6434816] =>PUP.AnyProtect
[MD5.20393A94CDF086E897BB26CF3018E768] [APT] [Crossbrowse] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [1918040] =>PUP.CrossBrowser
[MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.GlobalUpdate
[MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.GlobalUpdate
[MD5.3A1D89B89C9D62951957F0839578DD9B] [APT] [KiRLQJamY] (...) -- C:\Users\FARQUE\AppData\Roaming\KiRLQJamY.exe [1579520]
[MD5.33FEA334723B5293842DB05D456CD186] [APT] [Optimizer Pro Schedule] (...) -- C:\Program Files (x86)\Optimizer Pro 3.95\OptProLauncher.exe [148112] =>PUP.OptimizerPro
[MD5.2A474C9DBB9FBAC669D86149F7CE5FF3] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [134824] =>Toolbar.Ask
[MD5.3A1D89B89C9D62951957F0839578DD9B] [APT] [sgah6rLPaRY] (...) -- C:\Users\FARQUE\AppData\Roaming\sgah6rLPaRY.exe [1579520]
[MD5.153F088DFDB3F940AD9DAEB04A3ACC4D] [APT] [SmartWeb Upgrade Trigger Task] (.SoftBrain Technologies Ltd..) -- C:\Users\FARQUE\AppData\Local\SmartWeb\SmartWebHelper.exe [270368] =>PUP.SmartWeb
[MD5.5DDA0FF6DABE3F06F190DC320DDCA2B8] [APT] [Super Optimizer Schedule] (...) -- C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [676400] =>PUP.SuperOptimizer
[MD5.00000000000000000000000000000000] [APT] [{46D3D54F-E9F0-4412-A250-3B8CCB0D46A4}] (...) -- F:\Setup.exe (.not file.) [0]
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6 - (.Cinema PlusV03.06.) -- C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6.job [3140] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6 - (.Cinema PlusV03.06.) -- C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6 [3140] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-1-7 - (.Cinema PlusV03.06.) -- C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-7.job [3476] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-1-7 - (.Cinema PlusV03.06.) -- C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-7 [3476] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-10_user - (.Cinema PlusV03.06.) -- C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-10_user.job [2114] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-10_user - (.Cinema PlusV03.06.) -- C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-10_user [2114] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-3 - (.Cinema PlusV03.06.) -- C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-3.job [4496] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-3 - (.Cinema PlusV03.06.) -- C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-3 [4496] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-5 - (.Cinema PlusV03.06.) -- C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-5.job [2448] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-5 - (.Cinema PlusV03.06.) -- C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-5 [2448] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-5_user - (.Cinema PlusV03.06.) -- C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-5_user.job [2448] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-5_user - (.Cinema PlusV03.06.) -- C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-5_user [2448] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-6 - (.Cinema PlusV03.06.) -- C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-6.job [5520] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-6 - (.Cinema PlusV03.06.) -- C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-6 [5520] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-7 - (.Cinema PlusV03.06.) -- C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-7.job [5184] =>PUP.CrossRider
O39 - APT: 1797602d-4c87-4855-8597-52c5b4cf0bc5-7 - (.Cinema PlusV03.06.) -- C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-7 [5184] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6 - (.Cinema PlusV06.06.) -- C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6.job [3140] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6 - (.Cinema PlusV06.06.) -- C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6 [3140] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-7 - (.Cinema PlusV06.06.) -- C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-7.job [3476] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-7 - (.Cinema PlusV06.06.) -- C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-7 [3476] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10_user - (.Cinema PlusV06.06.) -- C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10_user.job [2114] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10_user - (.Cinema PlusV06.06.) -- C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10_user [2114] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-3 - (.Cinema PlusV06.06.) -- C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-3.job [4496] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-3 - (.Cinema PlusV06.06.) -- C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-3 [4496] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5 - (.Cinema PlusV06.06.) -- C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5.job [2448] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5 - (.Cinema PlusV06.06.) -- C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5 [2448] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5_user - (.Cinema PlusV06.06.) -- C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5_user.job [2448] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5_user - (.Cinema PlusV06.06.) -- C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5_user [2448] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6 - (.Cinema PlusV06.06.) -- C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6.job [5520] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6 - (.Cinema PlusV06.06.) -- C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6 [5520] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-7 - (.Cinema PlusV06.06.) -- C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-7.job [5520] =>PUP.CrossRider
O39 - APT: 1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-7 - (.Cinema PlusV06.06.) -- C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-7 [5520] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: APSnotifierPP1 - (.AnyProtect.com.) -- C:\Windows\Tasks\APSnotifierPP1.job [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP1 - (.AnyProtect.com.) -- C:\Windows\System32\Tasks\APSnotifierPP1 [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (.AnyProtect.com.) -- C:\Windows\Tasks\APSnotifierPP2.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (.AnyProtect.com.) -- C:\Windows\System32\Tasks\APSnotifierPP2 [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (.AnyProtect.com.) -- C:\Windows\Tasks\APSnotifierPP3.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (.AnyProtect.com.) -- C:\Windows\System32\Tasks\APSnotifierPP3 [376] =>PUP.AnyProtect
O39 - APT: - (..) -- C:\Windows\Tasks\Bidaily Synchronize Task[74c7].job [342] =>PUP.BidailySync
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[74c7] [342] =>PUP.BidailySync
O39 - APT: Crossbrowse - (...) -- C:\Windows\Tasks\Crossbrowse.job [1058] =>PUP.CrossBrowser
O39 - APT: Crossbrowse - (...) -- C:\Windows\System32\Tasks\Crossbrowse [1058] =>PUP.CrossBrowser
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [972] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [972] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [976] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [976] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: KiRLQJamY - (...) -- C:\Windows\Tasks\KiRLQJamY.job [994]
O39 - APT: KiRLQJamY - (...) -- C:\Windows\System32\Tasks\KiRLQJamY [994]
O39 - APT: sgah6rLPaRY - (...) -- C:\Windows\Tasks\sgah6rLPaRY.job [998]
O39 - APT: sgah6rLPaRY - (...) -- C:\Windows\System32\Tasks\sgah6rLPaRY [998]
~ Scheduled Task: 96 Legitimates Filtered in 00mn 14s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (innfd_1_10_0_14) . (.Infonaut - Infonaut Driver x64.) - C:\Windows\System32\drivers\innfd_1_10_0_14.sys =>PUP.Infonaut
O41 - Driver: ({ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys =>PUP.LinkiDoo
O41 - Driver: ({eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys =>PUP.LinkiDoo
~ Drivers: 71 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect =>PUP.CMILimited
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: Ask Toolbar Updater - (.Ask.com.) [HKCU][64Bits] -- {79A765E1-C399-405B-85AF-466F52E918B0} =>Toolbar.Ask
O42 - Logiciel: Babylon - (.Babylon.) [HKLM][64Bits] -- Babylon =>PUP.Babylon
O42 - Logiciel: Babylon toolbar on IE - (...) [HKLM][64Bits] -- BabylonToolbar =>PUP.Babylon
O42 - Logiciel: CinemaPlus-3.2cV06.06 - (.Cinema PlusV06.06.) [HKLM][64Bits] -- CinemaPlus-3.2cV06.06 =>PUP.CrossRider
O42 - Logiciel: CinemaPlus-4.2vV03.06 - (.Cinema PlusV03.06.) [HKLM][64Bits] -- CinemaPlus-4.2vV03.06 =>PUP.CrossRider
O42 - Logiciel: Crossbrowse - (.The Crossbrowse Authors.) [HKLM][64Bits] -- Crossbrowse =>PUP.CrossBrowser
O42 - Logiciel: Edu App - (.Edu App.) [HKLM][64Bits] -- Edu App =>PUP.Optional
O42 - Logiciel: Infonaut 1.10.0.14 - (.Infonaut.) [HKLM][64Bits] -- Infonaut_1.10.0.14 =>PUP.Infonaut
O42 - Logiciel: Server Web Directory - (.Server Web Directory.) [HKLM][64Bits] -- wincheck =>PUP.Wincheck
O42 - Logiciel: SmartWeb - (.SoftBrain Technologies Ltd..) [HKLM][64Bits] -- SmartWeb =>PUP.SmartWeb
O42 - Logiciel: Wajam - (.WaInternetEnhancer.) [HKLM][64Bits] -- WaInternetEnhancer =>PUP.Wajam
O42 - Logiciel: WindeskWinsearch 1.0 - (.PCSoftware.) [HKLM][64Bits] -- WindeskWinsearch =>PUP.WindeskWinsearch
O42 - Logiciel: istartsurf uninstall - (.istartsurf.) [HKLM][64Bits] -- istartsurf uninstall =>PUP.Istart
O42 - Logiciel: mystartsearch uninstall - (.mystartsearch.) [HKLM][64Bits] -- mystartsearch uninstall =>PUP.StartSearch
~ Logic: 61 Legitimates Filtered in 00mn 03s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\APN]
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\ArenaHD] =>PUP.CrossRider
[HKCU\Software\Ask.com]
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\Babylon] =>PUP.Babylon
[HKCU\Software\Browser]
[HKCU\Software\CinemaPlus-3.2cV06.06-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-3.2cV06.06-nv] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-3.2cV06.06] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-4.2vV03.06-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-4.2vV03.06-nv] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-4.2vV03.06] =>PUP.CrossRider
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser
[HKCU\Software\Edu App] =>PUP.Optional
[HKCU\Software\HighDefAction] =>PUP.CrossRider
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\KiRLQJamY]
[HKCU\Software\Kromtech]
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Tutorials] =>PUP.AgenceExclusive
[HKCU\Software\WaInternetEnhancer]
[HKCU\Software\WajIEnhance] =>PUP.Wajam
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\ArenaHD] =>PUP.CrossRider
[HKLM\Software\HighDefAction] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\629093bd-b017-4652-9f47-0dc41affb8a6] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\76090931-5073-4d48-b552-1c9aebd2d8ea] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\8d1dcfd5-6ff8-dd33-3f66-165f68f519e1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AIM Toolbar]
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.AskBar
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV06.06-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV06.06-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\CinemaPlus-4.2vV03.06-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\CinemaPlus-4.2vV03.06-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Edu App] =>PUP.Optional
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\InstallPedia] =>Adware.InstallPedia
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\SpeedBit]
[HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
[HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\YorkNewCin] =>PUP.CrossRider
~ Key Software: 419 Legitimates Filtered in 00mn 03s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/06/2015 - 19:33:33 - [] ----D C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 02/05/2012 - 15:31:05 - [] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 11/12/2011 - 21:59:17 - [] ----D C:\Program Files (x86)\Babylon =>PUP.Babylon
O43 - CFD: 11/12/2011 - 21:59:20 - [] ----D C:\Program Files (x86)\BabylonToolbar =>PUP.Babylon
O43 - CFD: 03/06/2015 - 13:55:51 - [] ----D C:\Program Files (x86)\cba8e103-21e0-4fee-a65d-076853579285
O43 - CFD: 07/06/2015 - 09:58:26 - [] ----D C:\Program Files (x86)\CinemaPlus-3.2cV06.06 =>PUP.CrossRider
O43 - CFD: 03/06/2015 - 13:56:24 - [] ----D C:\Program Files (x86)\CinemaPlus-4.2vV03.06 =>PUP.CrossRider
O43 - CFD: 06/06/2015 - 19:26:39 - [] ----D C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 06/06/2015 - 19:33:26 - [] ----D C:\Program Files (x86)\dd23d375-e857-4755-b0b0-43759ba6dff0
O43 - CFD: 07/06/2015 - 11:00:33 - [] ----D C:\Program Files (x86)\Edu App =>PUP.Optional
O43 - CFD: 03/06/2015 - 13:50:29 - [] ----D C:\Program Files (x86)\gmsd_fr_596 =>PUP.CrossRider
O43 - CFD: 06/06/2015 - 19:27:47 - [] ----D C:\Program Files (x86)\gmsd_fr_610 =>PUP.CrossRider
O43 - CFD: 31/03/2014 - 12:59:07 - [] ----D C:\Program Files (x86)\GUMDFBA.tmp
O43 - CFD: 03/06/2015 - 13:48:44 - [] ----D C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut
O43 - CFD: 20/07/2011 - 15:54:36 - [] ----D C:\Program Files (x86)\InstallPedia =>Adware.InstallPedia
O43 - CFD: 06/06/2015 - 19:31:55 - [] ----D C:\Program Files (x86)\speed browser =>PUP.SpeedBrowser
O43 - CFD: 03/06/2015 - 07:31:06 - [] ----D C:\Program Files (x86)\Super Optimizer =>PUP.SuperOptimizer
O43 - CFD: 03/06/2015 - 07:31:19 - [] ----D C:\Program Files (x86)\WaInternetEnhancer
O43 - CFD: 03/06/2015 - 07:30:39 - [] ----D C:\Program Files (x86)\Wajam =>PUP.Wajam
O43 - CFD: 03/06/2015 - 14:00:19 - [] ----D C:\Program Files (x86)\WindeskWinsearch =>PUP.WindeskWinsearch
O43 - CFD: 03/06/2015 - 13:51:26 - [] ----D C:\Program Files (x86)\XTab
O43 - CFD: 03/06/2015 - 14:03:20 - [] ----D C:\ProgramData\Ahruexlot
O43 - CFD: 02/05/2012 - 15:20:41 - [] ----D C:\ProgramData\Ask
O43 - CFD: 07/06/2015 - 15:17:15 - [] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 06/06/2015 - 19:27:08 - [] ----D C:\ProgramData\Browser
O43 - CFD: 03/06/2015 - 13:57:41 - [] ----D C:\ProgramData\HealthAlert =>PUP.HealthAlert
O43 - CFD: 03/06/2015 - 14:00:31 - [] ----D C:\ProgramData\PxhhgZJtDhu
O43 - CFD: 07/06/2015 - 13:59:03 - [] ----D C:\ProgramData\Radio
O43 - CFD: 03/06/2015 - 07:28:09 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 03/06/2015 - 13:47:39 - [] ----D C:\ProgramData\{0740ac4a-8ae5-094a-0740-0ac4a8aeb12a}
O43 - CFD: 11/12/2011 - 21:59:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon =>PUP.Babylon
O43 - CFD: 06/06/2015 - 19:27:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 08/10/2014 - 23:59:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
O43 - CFD: 06/06/2015 - 19:31:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser =>PUP.SpeedBrowser
O43 - CFD: 03/06/2015 - 07:31:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer =>PUP.SuperOptimizer
O43 - CFD: 03/06/2015 - 07:31:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer
O43 - CFD: 03/06/2015 - 14:00:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch =>PUP.WindeskWinsearch
O43 - CFD: 03/06/2015 - 14:03:45 - [] -SH-D C:\Users\FARQUE\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 28/12/2011 - 12:40:06 - [] ----D C:\Users\FARQUE\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 03/06/2015 - 07:27:12 - [] ----D C:\Users\FARQUE\AppData\Roaming\istartsurf =>PUP.Istart
O43 - CFD: 03/06/2015 - 13:49:36 - [] ----D C:\Users\FARQUE\AppData\Roaming\mystartsearch =>PUP.StartSearch
O43 - CFD: 03/06/2015 - 07:37:42 - [] ----D C:\Users\FARQUE\AppData\Roaming\Super Optimizer =>PUP.SuperOptimizer
O43 - CFD: 03/06/2015 - 13:53:02 - [] ----D C:\Users\FARQUE\AppData\Roaming\VOPackage =>Adware.Downware
O43 - CFD: 03/06/2015 - 07:44:47 - [] ----D C:\Users\FARQUE\AppData\Local\39464E43-1433317485-5931-344A-00269E94F367
O43 - CFD: 27/12/2011 - 23:12:31 - [] ----D C:\Users\FARQUE\AppData\Local\Babylon =>PUP.Babylon
O43 - CFD: 06/06/2015 - 19:28:25 - [] ----D C:\Users\FARQUE\AppData\Local\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 24/11/2014 - 20:49:29 - [] -SH-D C:\Users\FARQUE\AppData\Local\EmieBrowserModeList
O43 - CFD: 07/06/2015 - 14:19:43 - [] ----D C:\Users\FARQUE\AppData\Local\gmsd_fr_596 =>PUP.CrossRider
O43 - CFD: 06/06/2015 - 19:27:53 - [] ----D C:\Users\FARQUE\AppData\Local\gmsd_fr_610 =>PUP.CrossRider
O43 - CFD: 03/06/2015 - 14:03:50 - [] ----D C:\Users\FARQUE\AppData\Local\HealthAlert =>PUP.HealthAlert
O43 - CFD: 18/09/2013 - 22:17:35 - [] ----D C:\Users\FARQUE\AppData\Local\SelfExtractible
O43 - CFD: 03/06/2015 - 13:49:24 - [] ----D C:\Users\FARQUE\AppData\Local\SmartWeb =>PUP.SmartWeb
O43 - CFD: 06/06/2015 - 19:31:58 - [] ----D C:\Users\FARQUE\AppData\Local\speed browser =>PUP.SpeedBrowser
O43 - CFD: 03/06/2015 - 14:00:30 - [] ----D C:\Users\FARQUE\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch
O43 - CFD: 03/06/2015 - 14:11:41 - [] ----D C:\Users\FARQUE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect
O43 - CFD: 03/06/2015 - 07:33:34 - [] ----D C:\Users\FARQUE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware
~ 344 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 617 Legitimates Filtered in 00mn 12s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.1B0C50ACD2349540C65099DB5B4166E4] - 02/06/2015 - 19:40:48 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys [48776] =>PUP.LinkiDoo
O44 - LFC:[MD5.73006942C25DBF1E281C8DC83C9136A4] - 06/06/2015 - 02:35:20 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys [48776] =>PUP.LinkiDoo
O44 - LFC:[MD5.F1684B2D3E8CB725D086704D1F0DBE35] - 07/06/2015 - 08:58:52 ---A- . (...) -- C:\Windows\win.ini [540]
O44 - LFC:[MD5.AFE106C5F93484C76C79A353682969A0] - 07/06/2015 - 12:54:05 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26192]
O44 - LFC:[MD5.AFE106C5F93484C76C79A353682969A0] - 07/06/2015 - 12:54:05 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26192]
~ Files: 18 Legitimates Filtered in 00mn 11s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{41c7a430-b250-11e1-a465-00269e94f367}\AutoRun\command. (...) -- F:\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "WallpaperStyle"=
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:29/06/2009 - 19:17:00 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome(64).) -- C:\Windows\System32\Drivers\enecir.sys [70656]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:10/04/2015 - 20:56:56 ---A- . (.Infonaut - Infonaut Driver x64.) -- C:\Windows\System32\Drivers\innfd_1_10_0_14.sys [58224] =>PUP.Infonaut
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:22/07/2009 - 02:33:00 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [487936]
O58 - SDL:28/07/2014 - 13:52:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:06/06/2015 - 02:35:20 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys [48776] =>PUP.LinkiDoo
O58 - SDL:02/06/2015 - 19:40:48 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys [48776] =>PUP.LinkiDoo
~ Drivers: 70 Legitimates Filtered in 00mn 18s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 10/04/2015 - C:\Windows\System32\drivers\innfd_1_10_0_14.sys (innfd_1_10_0_14) .(.Infonaut - Infonaut Driver x64.) - LEGACY_INNFD_1_10_0_14 =>PUP.Infonaut
O64 - Services: CurCS - 06/06/2015 - C:\Windows\System32\drivers\{ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64.sys ({ab573ef7-acd0-4715-a5c0-420d2ee2cd93}Gw64) .(.StdLib - StdLib.) - LEGACY_{AB573EF7-ACD0-4715-A5C0-420D2EE2CD93}GW64 =>PUP.LinkiDoo
O64 - Services: CurCS - 02/06/2015 - C:\Windows\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64.sys ({eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw64) .(.StdLib - StdLib.) - LEGACY_{EB01AED1-BBA3-4E72-8323-A77BB027B1D4}GW64 =>PUP.LinkiDoo
~ Legacy: 108 Legitimates Filtered in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.mystartsearch.com =>PUP.StartSearch
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.Istart
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Safari\Safari.exe" http://www.mystartsearch.com =>PUP.StartSearch
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Smart Applications - speed browser.) -- C:\Program Files (x86)\speed browser\Application\browser.exe =>PUP.SpeedBrowser
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {0CA4CA6B-4C4F-4F8F-A9BE-830C259250BF} - (Bing) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {15AE96E9-F094-439C-A792-51EFF23F79E9} - (AOL Recherche) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (mystartsearch) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {76ACE059-9243-41E6-BAE5-041D821E6B75} - (Ask Search) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {8A244612-A1F7-11E0-95C0-E71F4824019B} - (Search) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {9EAC3C5C-DE66-4DC6-8F0F-8F6475D85F69} - (Kelkoo) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {CFB2B240-2590-4FCF-8562-819C24176619} - (Yahoo!) - http://www.mystartsearch.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.mystartsearch.com =>PUP.StartSearch
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.F9F70B376EF90E312BEE55A06DB9E4EC] [SPRF][06/06/2015] (...) -- C:\ProgramData\setup_17f52c7afa704e68a07ca35f5e7a7f29.exe [1498288]
[MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- C:\Users\FARQUE\AppData\Roaming\KiRLQJamY.exe [1579520]
[MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- C:\Users\FARQUE\AppData\Roaming\sgah6rLPaRY.exe [1579520]
~ Files: 5 Legitimates Filtered in 00mn 08s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{AF69FFFA-ECF1-4222-8FBB-DF3F9FEF8E74}" | In - None - P17 - TRUE | .(.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O87 - FAEL: "{BDC07BB7-DBE1-46E7-8689-461ADBAF718D}" | In - None - P17 - TRUE | .(.Smart Applications - speed browser.) -- C:\Program Files (x86)\speed browser\Application\browser.exe =>PUP.SpeedBrowser
~ Firewall: 2 Legitimates Filtered in 00mn 08s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe =>Toolbar.Ask
O90 - PUC: "E17A8F77515323848B2BF2E1BD2D0E1F" . (.Bing Bar.) -- C:\Windows\Installer\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 2 Legitimates Filtered in 00mn 01s



---\\ Export de clés de registre aléatoires (O91)
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.ABEF7661B4220CE229906A46AA316102] [WIS][28/02/2011] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\3bb2f4.msi [4422144] =>Toolbar.Bing
~ WIS: 1 Legitimates Filtered in 00mn 38s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASAPI32 =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASMANCS =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32 =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPMediaSmartWebcam_RASAPI32 =>PUP.SmartWeb
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HPMediaSmartWebcam_RASMANCS =>PUP.SmartWeb
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32 =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS =>PUP.Babylon
~ BTK: 338 Legitimates Filtered in 00mn 01s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 05/05/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 28/02/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe =>Toolbar.Bing
SS - | Auto 06/06/2015 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate
SS - | Demand 06/06/2015 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate
SS - | Auto 31/10/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 31/10/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/10/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 18/02/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 07/06/2015 466152 | (Util Edu App) . (...) - C:\Program Files (x86)\Edu App\bin\utilEduApp.exe =>PUP.Optional
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 04/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 02/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
SR - | Auto 02/07/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 28/08/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 03/06/2015 1781392 | (caa89563) . (...) - c:\Program Files (x86)\Optimizer Pro 3.95\OptProMon.dll =>PUP.OptimizerPro
SR - | Auto 03/06/2015 1786416 | (cae99edb) . (...) - c:\Program Files (x86)\Super Optimizer\SupOptStats.dll =>PUP.SuperOptimizer
SR - | Demand 05/05/2009 228408 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/05/2015 99128 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 11/05/2011 126520 | (HPSIService) . (.HP.) - C:\Windows\system32\HPSIsvc.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 08/07/2009 30520 | (hpsrv) . (.Hewlett-Packard.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 18/05/2015 157824 | (IHProtect Service) . (.XTab system.) - C:\Program Files (x86)\XTab\ProtectService.exe =>Adware.AgentODR
SR - | Auto 10/04/2015 278600 | (insvc_1.10.0.14) . (.Infonaut.) - C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut
SR - | Demand 01/09/2014 640840 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 03/06/2015 664064 | (lecozydy) . (...) - C:\Users\FARQUE\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
SR - | Auto 17/06/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 30/04/2015 23816 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 21/01/2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe =>Toolbar.Bing
SR - | Auto 22/07/2009 240128 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
SR - | Auto 03/06/2015 2731504 | (SWtEuNkFKl) . (.Rational Thought Solutions.) - C:\ProgramData\PxhhgZJtDhu\SWtEuNkFKl.exe =>Adware.StormAlert
SR - | Auto 07/12/2010 2228008 | (TeamViewer6) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
SR - | Auto 07/06/2015 473320 | (Update Edu App) . (...) - C:\Program Files (x86)\Edu App\updateEduApp.exe =>PUP.Optional
SR - | Auto 02/06/2015 1073152 | (WaInternetEnhancer Service) . (...) - C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe
SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 43s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31/05/2015)
Clés trouvées (Keys found) : 204
Valeurs trouvées (Values found) : 6
Dossiers trouvés (Folders found) : 45
Fichiers trouvés (Files found) : 116

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>PUP.Babylon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] =>PUP.LuckyTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>PUP.Babylon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBFBDD44-C0E0-4F63-A8E6-EE5F34765238}] =>PUP.Optional^
[HKLM\SYSTEM\CurrentControlSet\Services\caa89563] =>PUP.OptimizerPro^
[HKLM\SYSTEM\CurrentControlSet\Services\cae99edb] =>PUP.SuperOptimizer^
[HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate) (globalUpdate] =>PUP.GlobalUpdate^
[HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service] =>Adware.AgentODR^
[HKLM\SYSTEM\CurrentControlSet\Services\insvc_1.10.0.14] =>PUP.Infonaut^
[HKLM\SYSTEM\CurrentControlSet\Services\lecozydy] =>Adware.Downware^
[HKLM\SYSTEM\CurrentControlSet\Services\Update Edu App] =>PUP.Optional^
[HKLM\SYSTEM\CurrentControlSet\Services\Util Edu App] =>PUP.Optional^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect] =>PUP.CMILimited^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Babylon] =>PUP.Babylon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar] =>PUP.Babylon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV06.06] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-4.2vV03.06] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse] =>PUP.CrossBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Edu App] =>PUP.Optional^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Infonaut_1.10.0.14] =>PUP.Infonaut^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\wincheck] =>PUP.Wincheck^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SmartWeb] =>PUP.SmartWeb^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WaInternetEnhancer] =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindeskWinsearch] =>PUP.WindeskWinsearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall] =>PUP.Istart^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall] =>PUP.StartSearch^
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}] =>PUP.Babylon
[HKCU\Software\Microsoft\Office\Word\Addins\BabylonOfficeAddin.OfficeAddin] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>PUP.Babylon
[HKCU\Software\Microsoft\Office\PowerPoint\Addins\BabylonOfficeAddin.OfficeAddin] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}] =>PUP.Babylon
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>PUP.Babylon
[HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.Ask
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Classes\b] =>PUP.Babylon
[HKLM\Software\Classes\Babylon.dskBnd] =>PUP.Babylon
[HKLM\Software\Classes\Babylon.dskBnd.1] =>PUP.Babylon
[HKLM\Software\Classes\bbylnApp.appCore] =>PUP.Babylon
[HKLM\Software\Classes\bbylnApp.appCore.1] =>PUP.Babylon
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escrtBtn.1] =>PUP.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc] =>PUP.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc.1] =>PUP.Babylon
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.Ask
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb] =>PUP.Babylon
[HKLM\Software\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent
[HKLM\Software\Classes\Installer\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Installer\Features\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Installer\Products\0E9201899CF73FC4BA93F631631229A1] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKCU\Software\APN] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\APN] =>Toolbar.Ask
[HKCU\Software\Ask.com] =>Toolbar.AskBar
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar
[HKLM\Software\Wow6432Node\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\Wow6432Node\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\InstallPedia] =>Adware.InstallPedia
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{981029E0-7FC9-4CF3-AB39-6F133621921A}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}] =>PUP.Babylon
[HKLM\Software\Classes\BabyDict] =>PUP.Babylon
[HKLM\Software\Classes\BabyGloss] =>PUP.Babylon
[HKLM\Software\Classes\BabyOptFile] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{0C2E529C-A82C-4AC6-8807-0B51F7AD7BB2}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Classes\.bdc] =>PUP.Conduit
[HKLM\Software\Classes\.bgl] =>PUP.Conduit
[HKLM\Software\Classes\.bof] =>PUP.Conduit
[HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>PUP.Babylon
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.Ask
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKLM\Software\Classes\AppID\BabylonHelper.EXE] =>PUP.Babylon
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\AOLTB.AOLToolBand.1] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escrtBtn.1] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AOLTB.AOLToolBand.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Toolbar.Ask^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Windesk Winsearch =>PUP.WindeskWinsearch^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Super Optimizer =>PUP.SuperOptimizer^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:upgmsd_fr_596.exe =>PUP.CrossRider^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Adware.ShopperReports
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect^
C:\Program Files (x86)\Babylon =>PUP.Babylon^
C:\Program Files (x86)\BabylonToolbar =>PUP.Babylon^
C:\Program Files (x86)\CinemaPlus-3.2cV06.06 =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-4.2vV03.06 =>PUP.CrossRider^
C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser^
C:\Program Files (x86)\Edu App =>PUP.Optional^
C:\Program Files (x86)\gmsd_fr_596 =>PUP.CrossRider^
C:\Program Files (x86)\gmsd_fr_610 =>PUP.CrossRider^
C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut^
C:\Program Files (x86)\InstallPedia =>Adware.InstallPedia^
C:\Program Files (x86)\speed browser =>PUP.SpeedBrowser^
C:\Program Files (x86)\Super Optimizer =>PUP.SuperOptimizer^
C:\Program Files (x86)\Wajam =>PUP.Wajam^
C:\Program Files (x86)\WindeskWinsearch =>PUP.WindeskWinsearch^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\HealthAlert =>PUP.HealthAlert^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon =>PUP.Babylon^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser =>PUP.SpeedBrowser^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer =>PUP.SuperOptimizer^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch =>PUP.WindeskWinsearch^
C:\Users\FARQUE\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect^
C:\Users\FARQUE\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\FARQUE\AppData\Roaming\istartsurf =>PUP.Istart^
C:\Users\FARQUE\AppData\Roaming\mystartsearch =>PUP.StartSearch^
C:\Users\FARQUE\AppData\Roaming\Super Optimizer =>PUP.SuperOptimizer^
C:\Users\FARQUE\AppData\Roaming\VOPackage =>Adware.Downware^
C:\Users\FARQUE\AppData\Local\Babylon =>PUP.Babylon^
C:\Users\FARQUE\AppData\Local\Crossbrowse =>PUP.CrossBrowser^
C:\Users\FARQUE\AppData\Local\gmsd_fr_596 =>PUP.CrossRider^
C:\Users\FARQUE\AppData\Local\gmsd_fr_610 =>PUP.CrossRider^
C:\Users\FARQUE\AppData\Local\HealthAlert =>PUP.HealthAlert^
C:\Users\FARQUE\AppData\Local\SmartWeb =>PUP.SmartWeb^
C:\Users\FARQUE\AppData\Local\speed browser =>PUP.SpeedBrowser^
C:\Users\FARQUE\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch^
C:\Users\FARQUE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect^
C:\Users\FARQUE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware^
C:\Program Files (x86)\Ask.com =>Toolbar.AskBar
C:\Users\FARQUE\AppData\Roaming\Optimizer Pro =>PUP.OptimizerPro
C:\Users\FARQUE\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar
C:\Users\FARQUE\AppData\LocalLow\BabylonToolbar =>PUP.Babylon
C:\Users\FARQUE\AppData\Local\Temp\Babylon =>PUP.Babylon
C:\Users\FARQUE\AppData\Local\Temp\BabylonToolbar =>PUP.Babylon
C:\Program Files (x86)\XTab\cmdshell.exe =>PUP.SearchProtect^
C:\Users\FARQUE\AppData\Local\gmsd_fr_596\upgmsd_fr_596.exe =>PUP.CrossRider^
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe =>PUP.Babylon^
C:\Users\FARQUE\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWeb^
C:\Users\FARQUE\AppData\Local\SmartWeb\SmartWebApp.exe =>PUP.SmartWeb^
C:\Program Files (x86)\Optimizer Pro 3.95\OptProReminder.exe =>PUP.OptimizerPro^
C:\Users\FARQUE\AppData\Local\gmsd_fr_610\upgmsd_fr_610.exe =>PUP.CrossRider^
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\Crossbrowse.exe =>PUP.CrossBrowser^
C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-10.exe =>PUP.CrossRider^
C:\Program Files (x86)\speed browser\Application\browser.exe =>PUP.SpeedBrowser^
C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe =>PUP.SuperOptimizer^
C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut^
C:\Users\FARQUE\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware^
C:\ProgramData\PxhhgZJtDhu\SWtEuNkFKl.exe =>PUP.HealthAlert^
C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate^
C:\Program Files (x86)\Edu App\updateEduApp.exe =>PUP.Optional^
C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-4.2vV03.06\1797602d-4c87-4855-8597-52c5b4cf0bc5-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV06.06\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe =>PUP.AnyProtect^
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe =>PUP.CrossBrowser^
C:\Program Files (x86)\Optimizer Pro 3.95\OptProLauncher.exe =>PUP.OptimizerPro^
C:\Program Files (x86)\Ask.com\UpdateTask.exe =>Toolbar.Ask^
C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe =>PUP.SuperOptimizer^
C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-10_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-10_user =>PUP.CrossRider^
C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-3 =>PUP.CrossRider^
C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-5 =>PUP.CrossRider^
C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-5_user =>PUP.CrossRider^
C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-6 =>PUP.CrossRider^
C:\Windows\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1797602d-4c87-4855-8597-52c5b4cf0bc5-7 =>PUP.CrossRider^
C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-10_user =>PUP.CrossRider^
C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-3 =>PUP.CrossRider^
C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5 =>PUP.CrossRider^
C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-5_user =>PUP.CrossRider^
C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-6 =>PUP.CrossRider^
C:\Windows\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\1dcda3f3-bab9-4e56-b1f0-4f9fa61b82c9-7 =>PUP.CrossRider^
C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.AnyProtect^
C:\Windows\Tasks\Bidaily Synchronize Task =>PUP.BidailySync^
C:\Windows\System32\Tasks\Bidaily Synchronize Task =>PUP.BidailySync^
C:\Windows\Tasks\Crossbrowse.job =>PUP.CrossBrowser^
C:\Windows\System32\Tasks\Crossbrowse =>PUP.CrossBrowser^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.GlobalUpdate^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.GlobalUpdate^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\ArenaHD] =>PUP.CrossRider^
[HKCU\Software\Babylon] =>PUP.Babylon^
[HKCU\Software\CinemaPlus-3.2cV06.06-nv-ie] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-3.2cV06.06-nv] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-3.2cV06.06] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-4.2vV03.06-nv-ie] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-4.2vV03.06-nv] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-4.2vV03.06] =>PUP.CrossRider^
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser^
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser^
[HKCU\Software\Edu App] =>PUP.Optional^
[HKCU\Software\HighDefAction] =>PUP.CrossRider^
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\WajIEnhance] =>PUP.Wajam^
[HKCU\Software\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\629093bd-b017-4652-9f47-0dc41affb8a6] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\76090931-5073-4d48-b552-1c9aebd2d8ea] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\8d1dcfd5-6ff8-dd33-3f66-165f68f519e1] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV06.06-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV06.06-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\CinemaPlus-4.2vV03.06-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\CinemaPlus-4.2vV03.06-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\Edu App] =>PUP.Optional^
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser^
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\YorkNewCin] =>PUP.CrossRider^
C:\Windows\Installer\3bb2f4.msi =>Toolbar.Bing^
~ Additionnel Scan: 580083 Items scanned in 07mn 36s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://nicolascoolman.fr/pup-smartwebsearch =>PUP.SmartWeb
http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro
http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowser
http://www.nicolascoolman.fr/blog/ =>PUP.SpeedBrowser
http://www.nicolascoolman.fr/blog/ =>PUP.SuperOptimizer
http://www.nicolascoolman.fr/blog/ =>PUP.Infonaut
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://www.nicolascoolman.fr/blog/ =>PUP.HealthAlert
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://www.nicolascoolman.fr/blog/ =>PUP.Optional
http://nicolascoolman.fr/pup-startsearch =>PUP.StartSearch
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://nicolascoolman.fr/hijacker-proxy =>Hijacker.Proxy
http://www.nicolascoolman.fr/blog/ =>PUP.LuckyTab
http://www.nicolascoolman.fr/blog/ =>PUP.WindeskWinsearch
http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.fr/adware-installpedia =>Adware.InstallPedia
http://www.nicolascoolman.fr/blog/ =>PUP.Wincheck
http://www.nicolascoolman.fr/blog/ =>Adware.AgentODR
http://www.nicolascoolman.fr/blog/ =>PUP.BidailySync
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://www.nicolascoolman.fr/blog/ =>PUP.CMILimited
http://nicolascoolman.fr/pup-wajam =>PUP.Wajam
http://www.nicolascoolman.fr/blog/ =>PUP.Istart
http://nicolascoolman.fr/pup-certifiedtoolbar =>PUP.CertifiedToolbar
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://www.nicolascoolman.fr/blog/ =>Toolbar.AskBar
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://www.nicolascoolman.fr/blog/ =>Adware.StormAlert
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector
http://www.nicolascoolman.fr/blog/ =>Adware.CDNHelper
http://nicolascoolman.fr/pup-clarosearch =>PUP.ClaroSearch
http://nicolascoolman.fr/pup-funmoods =>PUP.Funmoods
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch
http://www.nicolascoolman.fr/blog/ =>Toolbar.AskTBar
http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://www.nicolascoolman.fr/blog/ =>Adware.ShopperReports
~ MSI: 47 link(s) detected in 00mn 00s



---\\ Alert Messages
WARNING : Hijacker Proxy found, Clean with ZHPCleaner Tool

~ 1442 Legitimates filtered by white list
End of the scan (1360 lines in 46mn 25s)(0.11)
