Document format: text/plain

Preview

~ Rapport de ZHPDiag v2014.8.28.125 - Nicolas Coolman (28/08/2014)
~ Lancé par Nana (22/11/2014 01:39:55)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16384 (Defaut)
MFIE: Mozilla Firefox 33.1
GCIE: Google Chrome v37.0.2062.120
OPIE: Opera vStable 25.0.1614.50
OPIE: Opera vStable 25.0.1614.71

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1 Pro, 64-bit (Build 9600)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, VOLUME_KMSCLIENT channel
Windows ID Activation : OK
~ Windows Partial Key : 9D6T9
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W8 (Activate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4043 MB (27% free)
System Restore: Désactivé (Disabled)
System drive C: has 126 GB (39%) free of 315 GB

---\\ Mode de connexion au système
~ Computer Name: MOURKER
~ User Name: Nana
~ All Users Names: Nana, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Nana\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Nana\AppData\Roaming\
~ %Desktop% : C:\Users\Nana\Desktop\
~ %Favorites% : C:\Users\Nana\Favorites\
~ %LocalAppData% : C:\Users\Nana\AppData\Local\
~ %StartMenu% : C:\Users\Nana\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 126 Go of 315 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 107 Go)
E: Hard drive, Flash drive, Thumb drive (Free 3 Go of 42 Go)
F: CD-ROM drive (Not Inserted)
H: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 45 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8479DC46E9A09015C0777A16BC22A15D] - (.Microsoft Corporation - Explorateur Windows.) (.22/08/2013 - 12:39:51.) -- C:\Windows\Explorer.exe [2328880]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 09:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.CE76481B886D891F1ECF11939DF16938] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/08/2013 - 09:29:03.) -- C:\Windows\System32\wininet.dll [2328064]
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/08/2013 - 09:55:08.) -- C:\Windows\System32\Winlogon.exe [564736]
[MD5.2F18065618E39AA2E656EE737B71E791] - (.Microsoft Corporation - Bibliothèque de licences.) (.22/08/2013 - 10:39:40.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.22/08/2013 - 13:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 12:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 11:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 08:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 11:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 11:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 11:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.0063040EFD7C5B81D67CF985BA35388A] - (.Microsoft Corporation - IP Network Address Translator.) (.22/08/2013 - 11:35:33.) -- C:\Windows\system32\Drivers\IpNat.sys [141824]
[MD5.405A2E5754DF76663CF0522B87D7929F] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.22/08/2013 - 11:36:11.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 11:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.22/08/2013 - 13:25:41.) -- C:\Windows\system32\Drivers\ntfs.sys [2011488]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 11:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 11:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.22/08/2013 - 22:26:13.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 13:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.9F9CE33B50611A1C61A46B8911E0B30B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\volsnap.sys [312160]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1536
~ Mes musiques (My Musics) : 4/308
~ Mes Videos (My Videos) : 2/492
~ Mes Favoris (My Favorites) : 1/8
~ Mes Documents (My Documents) : 3/7518
~ Mon Bureau (My Desktop) : 2/306
~ Menu demarrer (Programs) : 1/104
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.77A6B7D846B93CE38D571884054C4C3A] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3491264] [PID.2780]
[MD5.0DF3D43C5FE1495BEB3B6739379EF2B9] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nana\AppData\Roaming\uTorrent\uTorrent.exe [1385808] [PID.3656] =>P2P.BitTorrent
[MD5.4B85BD6EF15679389C54C5D78C2DA925] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [22067296] [PID.3156]
[MD5.80E470B2C0F974862558B2091FF6E644] - (.Pas de propriétaire - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1409\jsdrv.exe [3224064] [PID.4008] =>PUP.ShopperPro
[MD5.408B91BC1B49C623ACAF73BC84AFD80A] - (.YTDownloader - YTDownloader.) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968] [PID.1384] =>PUP.YTDownloader
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.3692]
[MD5.207B16FA69F61D1895F8D8532F587E4B] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [263600] [PID.3760]
[MD5.E12AC7C55EFB6307AA07AB3EA93B2A1E] - (.mobogenie.com - downloader.) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe [504512] [PID.2232] =>PUP.Mobogenie
[MD5.65068E245EFE045E6956190CD0E2FB91] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.5652]
[MD5.A89213C4C9DDBD8BDE32D847BB7F3E2F] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [145520] [PID.5920]
[MD5.7D710239833D16DD2BEBB23DFEAAB61D] - (.Adobe Systems, Inc. - Adobe Flash Player 15.0 r0.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe [1880752] [PID.2132]
[MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8099328] [PID.4588]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Nana\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Nana - 8n5eg1uh.default\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}] [] Shopper-Pro v1.0.0.4 (..)
M2 - MFEP: Extension [Nana - 8n5eg1uh.default] {46093ebf-2671-47dd-b049-a445902e2e5a}
~ Firefox Browser: 10 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: e105fff0f3e80131b6584734478597d40061911 [64Bits] - {11111111-1111-1111-1111-110611191111} . (.iWebar - Ge-Force BHO.) -- C:\Program Files (x86)\Ge-Force\Ge-Force-bho.dll =>PUP.iWebar
O2 - BHO: cb53b500f3e90131a6091fb939dcadf40061915 [64Bits] - {11111111-1111-1111-1111-110611191115} . (.Object Browser - Sense BHO.) -- C:\Program Files (x86)\Sense\Sense-bho.dll =>PUP.ObjectBrowser
O2 - BHO: f44971a003610132460604579b8fb35c0063163 [64Bits] - {11111111-1111-1111-1111-110611311163} . (.HQ-VideoV20.11 - HQ-Video-Pro-2.1cV20.11 BHO.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\HQ-Video-Pro-2.1cV20.11-bho.dll =>PUP.CrossRider
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\ProgramData\ShopperPro\ShopperPro.dll =>PUP.ShopperPro
~ BHO: 40 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Mobogenie3.lnk . (.Mobogenie.com - Mobogenie.exe.) -- C:\Program Files (x86)\Mobogenie3\Mobogenie.exe =>PUP.Mobogenie
O4 - GS\QuickLaunch [Nana]: Desktop Icon Toy.lnk . (.iDeskSoft - Desktop Icon Toy.) -- C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe =>Adware.ADON
O4 - GS\QuickLaunch [Nana]: Mobogenie3.lnk . (.Mobogenie.com - Mobogenie.exe.) -- C:\Program Files (x86)\Mobogenie3\Mobogenie.exe =>PUP.Mobogenie
O4 - GS\QuickLaunch [Nana]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [Nana]: YTDownloader.lnk . (.YTDownloader - YTDownloader.) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe =>PUP.YTDownloader
O4 - GS\Desktop [Nana]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 6 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Zune Launcher] . (.Microsoft Corporation - Zune Auto-Launcher.) -- C:\Program Files\Zune\ZuneLauncher.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [DesktopIconToy] . (.iDeskSoft - Desktop Icon Toy.) -- C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe =>Adware.ADON
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Nana\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Nana\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [SPDriver] . (.Pas de propriétaire - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1409\jsdrv.exe =>PUP.ShopperPro
O4 - HKCU\..\Run: [YTDownloader] . (.YTDownloader - YTDownloader.) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe =>PUP.YTDownloader
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [SPDriver] . (.Pas de propriétaire - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1409\jsdrv.exe =>PUP.ShopperPro
O4 - HKLM\..\Wow6432Node\Run: [YTDownloader] . (.YTDownloader - YTDownloader.) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe =>PUP.YTDownloader
O4 - HKUS\S-1-5-21-373983993-1478528199-3294864886-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-373983993-1478528199-3294864886-1001\..\Run: [DesktopIconToy] . (.iDeskSoft - Desktop Icon Toy.) -- C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe =>Adware.ADON
O4 - HKUS\S-1-5-21-373983993-1478528199-3294864886-1001\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Nana\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKUS\S-1-5-21-373983993-1478528199-3294864886-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Nana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-373983993-1478528199-3294864886-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Nana\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-373983993-1478528199-3294864886-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-373983993-1478528199-3294864886-1001\..\Run: [SPDriver] . (.Pas de propriétaire - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1409\jsdrv.exe =>PUP.ShopperPro
O4 - HKUS\S-1-5-21-373983993-1478528199-3294864886-1001\..\Run: [YTDownloader] . (.YTDownloader - YTDownloader.) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe =>PUP.YTDownloader
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Cliquer pour appeler Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.localhost
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E07EA50C-E6EE-43BD-B45E-436E967FB2CC}: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\..\{E07EA50C-E6EE-43BD-B45E-436E967FB2CC}: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: MobogenieService (MobogenieService) . (.Mobogenie.com - MobogenieService.exe.) - C:\Program Files (x86)\Mobogenie3\MobogenieService.exe =>PUP.Mobogenie
O23 - Service: Moborobo Device Service (MoboroboDeviceService) . (...) - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
~ Services: 13 Legitimates Filtered in 00mn 06s



---\\ Tâches planifiées en automatique (O39)
[MD5.44BB2E54B32FF146C90EB288937A824C] [APT] [10ef5ceb-1421-4e66-9ecc-4ac5c7613255] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\10ef5ceb-1421-4e66-9ecc-4ac5c7613255.exe [331672] =>PUP.CrossRider
[MD5.CB2A01810C90207247A8A1E8820323A6] [APT] [11d2163e-ae04-48e8-b7cd-223200d1e92f-1] (.iWebar.) -- C:\Program Files (x86)\Ge-Force\Ge-Force-codedownloader.exe [1011112] =>PUP.iWebar
[MD5.B4E61891B895C04A7326F089F54A554D] [APT] [11d2163e-ae04-48e8-b7cd-223200d1e92f-11] (.iWebar.) -- C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-11.exe [2006952] =>PUP.iWebar
[MD5.790B992388F8A088E39E7C0D4A77F3A8] [APT] [11d2163e-ae04-48e8-b7cd-223200d1e92f-2] (.iWebar.) -- C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-2.exe [934312] =>PUP.iWebar
[MD5.C0B7B97C607150790910BC5B20A0A193] [APT] [11d2163e-ae04-48e8-b7cd-223200d1e92f-4] (.iWebar.) -- C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-4.exe [1522088] =>PUP.iWebar
[MD5.90696F9951645647E4C59F80588D8740] [APT] [11d2163e-ae04-48e8-b7cd-223200d1e92f-5] (.iWebar.) -- C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-5.exe [1048488] =>PUP.iWebar
[MD5.90696F9951645647E4C59F80588D8740] [APT] [11d2163e-ae04-48e8-b7cd-223200d1e92f-5_user] (.iWebar.) -- C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-5.exe [1048488] =>PUP.iWebar
[MD5.1EEE65274FE8C0C7BA45BD7154F42A2C] [APT] [11d2163e-ae04-48e8-b7cd-223200d1e92f-6] (.iWebar.) -- C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-6.exe [1298344] =>PUP.iWebar
[MD5.CB2A01810C90207247A8A1E8820323A6] [APT] [11d2163e-ae04-48e8-b7cd-223200d1e92f-7] (.iWebar.) -- C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-7.exe [1011112] =>PUP.iWebar
[MD5.C33594E369B7096606D37DBA8DD54600] [APT] [77506c30-329c-4889-a964-5c545a034eec] (...) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\77506c30-329c-4889-a964-5c545a034eec.exe [32664] =>PUP.CrossRider
[MD5.1FAC915C32645F328E7802FA1C60A7E4] [APT] [cf004f70-07f1-4023-b8ac-0352c2adae89-1] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\HQ-Video-Pro-2.1cV20.11-codedownloader.exe [1011096] =>PUP.CrossRider
[MD5.704A7ADF6C0B1234BE9715F11CDD2555] [APT] [cf004f70-07f1-4023-b8ac-0352c2adae89-11] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-11.exe [2006936] =>PUP.CrossRider
[MD5.AF870F4CB99161E3D172C98475AA35C1] [APT] [cf004f70-07f1-4023-b8ac-0352c2adae89-2] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-2.exe [934296] =>PUP.CrossRider
[MD5.704A7ADF6C0B1234BE9715F11CDD2555] [APT] [cf004f70-07f1-4023-b8ac-0352c2adae89-3] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-3.exe [2006936] =>PUP.CrossRider
[MD5.91C19B069DC69A6E3A3AF331F9E7D27E] [APT] [cf004f70-07f1-4023-b8ac-0352c2adae89-4] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-4.exe [1522072] =>PUP.CrossRider
[MD5.EE9C74045DF33C7D1DCD891438B9B115] [APT] [cf004f70-07f1-4023-b8ac-0352c2adae89-5] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-5.exe [1048472] =>PUP.CrossRider
[MD5.EE9C74045DF33C7D1DCD891438B9B115] [APT] [cf004f70-07f1-4023-b8ac-0352c2adae89-5_user] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-5.exe [1048472] =>PUP.CrossRider
[MD5.A83DC341BFE882FDCA91647C6B700577] [APT] [cf004f70-07f1-4023-b8ac-0352c2adae89-6] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-6.exe [1298328] =>PUP.CrossRider
[MD5.1FAC915C32645F328E7802FA1C60A7E4] [APT] [cf004f70-07f1-4023-b8ac-0352c2adae89-7] (.HQ-VideoV20.11.) -- C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-7.exe [1011096] =>PUP.CrossRider
[MD5.9E2B5E59972F315C60CF1145E2D48D17] [APT] [e9fb74db-6d54-483c-b8da-fd56e72101e6-1] (.Object Browser.) -- C:\Program Files (x86)\Sense\Sense-codedownloader.exe [1125288] =>PUP.ObjectBrowser
[MD5.4923FFFAAAC862105CC0E88C61B52C68] [APT] [e9fb74db-6d54-483c-b8da-fd56e72101e6-11] (.Object Browser.) -- C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-11.exe [2031016] =>PUP.ObjectBrowser
[MD5.6C52CB60ABD0A973B547893B3421E9E1] [APT] [e9fb74db-6d54-483c-b8da-fd56e72101e6-2] (.Object Browser.) -- C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-2.exe [945576] =>PUP.ObjectBrowser
[MD5.4923FFFAAAC862105CC0E88C61B52C68] [APT] [e9fb74db-6d54-483c-b8da-fd56e72101e6-3] (.Object Browser.) -- C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-3.exe [2031016] =>PUP.ObjectBrowser
[MD5.4D49C5749A9AF729FF8695C537C396E0] [APT] [e9fb74db-6d54-483c-b8da-fd56e72101e6-4] (.Object Browser.) -- C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-4.exe [1543080] =>PUP.ObjectBrowser
[MD5.AC75EB1739C19A215A71A1EA972CF4DC] [APT] [e9fb74db-6d54-483c-b8da-fd56e72101e6-5] (.Object Browser.) -- C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-5.exe [1173416] =>PUP.ObjectBrowser
[MD5.AC75EB1739C19A215A71A1EA972CF4DC] [APT] [e9fb74db-6d54-483c-b8da-fd56e72101e6-5_user] (.Object Browser.) -- C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-5.exe [1173416] =>PUP.ObjectBrowser
[MD5.CFD0AB661264203C53FB4B6E2704F2C2] [APT] [e9fb74db-6d54-483c-b8da-fd56e72101e6-6] (.Object Browser.) -- C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-6.exe [1319336] =>PUP.ObjectBrowser
[MD5.9E2B5E59972F315C60CF1145E2D48D17] [APT] [e9fb74db-6d54-483c-b8da-fd56e72101e6-7] (.Object Browser.) -- C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-7.exe [1125288] =>PUP.ObjectBrowser
[MD5.4D49C5749A9AF729FF8695C537C396E0] [APT] [LK] (.Object Browser.) -- C:\Users\Nana\AppData\Roaming\LK.exe [1543080] =>PUP.ObjectBrowser
[MD5.4923FFFAAAC862105CC0E88C61B52C68] [APT] [OAIXGJWQ] (.Object Browser.) -- C:\Users\Nana\AppData\Roaming\OAIXGJWQ.exe [2031016] =>PUP.ObjectBrowser
[MD5.6A32CFB384F0EF5A334A8E7195BED0E4] [APT] [Opera scheduled Autoupdate 1409976896] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [466040]
[MD5.704A7ADF6C0B1234BE9715F11CDD2555] [APT] [PZUX] (.HQ-VideoV20.11.) -- C:\Users\Nana\AppData\Roaming\PZUX.exe [2006936]
[MD5.86E702127C563E4A2FD90DB32FEE2E53] [APT] [ShopperPro] (.Goobzo LTD.) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe [1110888] =>PUP.ShopperPro
[MD5.A2865DA4991586FA38C14C5FA61E2A3C] [APT] [ShopperProJSUpd] (.Goobzo.) -- C:\Program Files (x86)\ShopperPro\updater.exe [747368] =>PUP.ShopperPro
[MD5.80E470B2C0F974862558B2091FF6E644] [APT] [SPDriver] (...) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1409\jsdrv.exe [3224064] =>PUP.ShopperPro
[MD5.408B91BC1B49C623ACAF73BC84AFD80A] [APT] [YTDownloader] (.YTDownloader.) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968] =>PUP.YTDownloader
[MD5.1C87F08674BBA40E87EAD595F88F9508] [APT] [YTDownloaderUpd] (.Goobzo.) -- C:\Program Files (x86)\YTDownloader\updater.exe [745320] =>PUP.YTDownloader
[MD5.91C19B069DC69A6E3A3AF331F9E7D27E] [APT] [YXA] (.HQ-VideoV20.11.) -- C:\Users\Nana\AppData\Roaming\YXA.exe [1522072]
O39 - APT: 10ef5ceb-1421-4e66-9ecc-4ac5c7613255 - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\10ef5ceb-1421-4e66-9ecc-4ac5c7613255.job [1474]
O39 - APT: 10ef5ceb-1421-4e66-9ecc-4ac5c7613255 - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\10ef5ceb-1421-4e66-9ecc-4ac5c7613255 [1474]
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-1 - (.iWebar.) -- C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-1.job [3772] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-1 - (.iWebar.) -- C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-1 [3772] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-11 - (.iWebar.) -- C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-11.job [5508] =>PUP.iWebar
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-11 - (.iWebar.) -- C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-11 [5508] =>PUP.iWebar
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-2 - (.iWebar.) -- C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-2.job [2434] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-2 - (.iWebar.) -- C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-2 [2434] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-4 - (.iWebar.) -- C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-4.job [4482] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-4 - (.iWebar.) -- C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-4 [4482] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-5 - (.iWebar.) -- C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-5.job [2778] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-5 - (.iWebar.) -- C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-5 [2778] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-5_user - (.iWebar.) -- C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-5_user.job [2778] =>PUP.iWebar
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-5_user - (.iWebar.) -- C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-5_user [2778] =>PUP.iWebar
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-6 - (.iWebar.) -- C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-6.job [5850] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-6 - (.iWebar.) -- C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-6 [5850] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-7 - (.iWebar.) -- C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-7.job [5850] =>PUP.CrossRider
O39 - APT: 11d2163e-ae04-48e8-b7cd-223200d1e92f-7 - (.iWebar.) -- C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-7 [5850] =>PUP.CrossRider
O39 - APT: 77506c30-329c-4889-a964-5c545a034eec - (...) -- C:\Windows\Tasks\77506c30-329c-4889-a964-5c545a034eec.job [670]
O39 - APT: 77506c30-329c-4889-a964-5c545a034eec - (...) -- C:\Windows\System32\Tasks\77506c30-329c-4889-a964-5c545a034eec [670]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-1 - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-1.job [3488] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-1 - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-1 [3488] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-11 - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-11.job [5202]
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-11 - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-11 [5202]
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-2 - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-2.job [2128] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-2 - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-2 [2128] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-3 - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-3.job [4512] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-3 - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-3 [4512] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-4 - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-4.job [4856] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-4 - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-4 [4856] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-5 - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-5.job [2464] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-5 - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-5 [2464] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-5_user - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-5_user.job [2464]
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-5_user - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-5_user [2464]
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-6 - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-6.job [5536] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-6 - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-6 [5536] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-7 - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-7.job [5536] =>PUP.CrossRider
O39 - APT: cf004f70-07f1-4023-b8ac-0352c2adae89-7 - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-7 [5536] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-1 - (.Object Browser.) -- C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-1.job [3416] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-1 - (.Object Browser.) -- C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-1 [3416] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-11 - (.Object Browser.) -- C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-11.job [5502] =>PUP.ObjectBrowser
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-11 - (.Object Browser.) -- C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-11 [5502] =>PUP.ObjectBrowser
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-2 - (.Object Browser.) -- C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-2.job [2428] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-2 - (.Object Browser.) -- C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-2 [2428] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-3 - (.Object Browser.) -- C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-3.job [3796] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-3 - (.Object Browser.) -- C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-3 [3796] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-4 - (.Object Browser.) -- C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-4.job [4476] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-4 - (.Object Browser.) -- C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-4 [4476] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-5 - (.Object Browser.) -- C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-5.job [2772] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-5 - (.Object Browser.) -- C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-5 [2772] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-5_user - (.Object Browser.) -- C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-5_user.job [2772] =>PUP.ObjectBrowser
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-5_user - (.Object Browser.) -- C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-5_user [2772] =>PUP.ObjectBrowser
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-6 - (.Object Browser.) -- C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-6.job [5844] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-6 - (.Object Browser.) -- C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-6 [5844] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-7 - (.Object Browser.) -- C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-7.job [5500] =>PUP.CrossRider
O39 - APT: e9fb74db-6d54-483c-b8da-fd56e72101e6-7 - (.Object Browser.) -- C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-7 [5500] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [966]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [966]
O39 - APT: - (..) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [970]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [970]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1088]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1092]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-373983993-1478528199-3294864886-1001Core [1038]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-373983993-1478528199-3294864886-1001UA [1090]
O39 - APT: LK - (.Object Browser.) -- C:\Windows\Tasks\LK.job [1342] =>PUP.ObjectBrowser
O39 - APT: LK - (.Object Browser.) -- C:\Windows\System32\Tasks\LK [1342] =>PUP.ObjectBrowser
O39 - APT: OAIXGJWQ - (.Object Browser.) -- C:\Windows\Tasks\OAIXGJWQ.job [1698] =>PUP.ObjectBrowser
O39 - APT: OAIXGJWQ - (.Object Browser.) -- C:\Windows\System32\Tasks\OAIXGJWQ [1698] =>PUP.ObjectBrowser
O39 - APT: PZUX - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\PZUX.job [1346]
O39 - APT: PZUX - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\PZUX [1346]
O39 - APT: YXA - (.HQ-VideoV20.11.) -- C:\Windows\Tasks\YXA.job [1344]
O39 - APT: YXA - (.HQ-VideoV20.11.) -- C:\Windows\System32\Tasks\YXA [1344]
~ Scheduled Task: 252 Legitimates Filtered in 00mn 04s



---\\ Logiciels installés (O42)
O42 - Logiciel: Ge-Force - (.iWebar.) [HKLM][64Bits] -- Ge-Force =>PUP.iWebar
O42 - Logiciel: HQ-Video-Pro-2.1cV20.11 - (.HQ-VideoV20.11.) [HKLM][64Bits] -- HQ-Video-Pro-2.1cV20.11 =>PUP.CrossRider
O42 - Logiciel: Sense - (.Object Browser.) [HKLM][64Bits] -- Sense =>PUP.ObjectBrowser
O42 - Logiciel: Shopper-Pro - (...) [HKLM][64Bits] -- ShopperPro =>PUP.ShopperPro
O42 - Logiciel: YTDownloader - (.YTDownloader.) [HKLM][64Bits] -- YTDownloader =>PUP.YTDownloader
~ Logic: 31 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\LK]
[HKCU\Software\OAIXGJWQ]
[HKCU\Software\OB]
[HKCU\Software\PZUX]
[HKCU\Software\X Unlock Tool - FastGSM]
[HKCU\Software\YTDownloader] =>PUP.YTDownloader
[HKCU\Software\YXA]
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\ShopperPro] =>PUP.ShopperPro
[HKLM\Software\Wow6432Node\443c7a82-ab50-450f-8c40-2d98e982d6f2]
[HKLM\Software\Wow6432Node\59b63a51-9149-4a39-b4f0-847ef01d3d47]
[HKLM\Software\Wow6432Node\Ge-Force-nv]
[HKLM\Software\Wow6432Node\HQ-Video-Pro-2.1cV20.11-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\ND]
[HKLM\Software\Wow6432Node\Sense-nv]
[HKLM\Software\Wow6432Node\a9c03a16-6d17-4dab-9e3d-acfdde0254b7]
[HKLM\Software\YTDownloader] =>PUP.YTDownloader
~ Key Software: 295 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/11/2014 - 02:21:32 - [] ----D C:\Program Files (x86)\01697261-517b-4661-9aa4-4e4461e5f3bd
O43 - CFD: 21/11/2014 - 02:22:38 - [] ----D C:\Program Files (x86)\0f02b588-4ad3-4747-ba4f-2ee0146712f4
O43 - CFD: 21/11/2014 - 02:21:47 - [] ----D C:\Program Files (x86)\8c4383be-6203-4656-9037-429008c997e9
O43 - CFD: 21/11/2014 - 02:22:40 - [] ----D C:\Program Files (x86)\Ge-Force
O43 - CFD: 21/11/2014 - 02:23:24 - [] ----D C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11 =>PUP.CrossRider
O43 - CFD: 08/11/2014 - 03:42:08 - [] ----D C:\Program Files (x86)\innoApp
O43 - CFD: 21/11/2014 - 02:22:24 - [] ----D C:\Program Files (x86)\Sense
O43 - CFD: 21/11/2014 - 02:05:01 - [] ----D C:\Program Files (x86)\ShopperPro =>PUP.ShopperPro
O43 - CFD: 21/11/2014 - 02:11:47 - [] ----D C:\Program Files (x86)\YTDownloader =>PUP.YTDownloader
O43 - CFD: 15/11/2014 - 04:21:59 - [0] ----D C:\ProgramData\6e87eb53-887a-4d05-8c62-90bc57a404eb
O43 - CFD: 15/11/2014 - 04:33:02 - [0] ----D C:\ProgramData\91 Harbor
O43 - CFD: 19/11/2014 - 23:17:01 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 21/11/2014 - 02:05:01 - [] ----D C:\ProgramData\ShopperPro =>PUP.ShopperPro
O43 - CFD: 01/11/2014 - 01:32:39 - [0] ----D C:\Users\Nana\AppData\Roaming\BandExtend
O43 - CFD: 22/11/2014 - 01:18:00 - [] ----D C:\Users\Nana\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 08/09/2014 - 05:33:20 - [] ----D C:\Users\Nana\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 08/09/2014 - 04:03:06 - [] ----D C:\Users\Nana\AppData\Roaming\RHEng
O43 - CFD: 10/10/2014 - 22:35:24 - [] ----D C:\Users\Nana\AppData\Roaming\X Unlock Tool
O43 - CFD: 11/10/2014 - 02:09:46 - [] ----D C:\Users\Nana\AppData\Local\genienext =>PUP.NextLive
O43 - CFD: 22/11/2014 - 00:11:57 - [] ----D C:\Users\Nana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader =>PUP.YTDownloader
~ Program Folder: 198 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6D7FDBF9CEAC51A76750FD38CF801F30] - 14/11/2014 - 05:42:04 ---A- . (...) -- C:\Windows\SECOH-QAD.dll [3584]
O44 - LFC:[MD5.38DE5B216C33833AF710E88F7F64FC98] - 14/11/2014 - 05:42:04 ---A- . (...) -- C:\Windows\SECOH-QAD.exe [4608]
O44 - LFC:[MD5.BF279ACE59CB0C1F615094C965C601F0] - 19/11/2014 - 02:03:00 ---A- . (...) -- C:\Windows\ntbtlog.txt [1154594]
O44 - LFC:[MD5.C322864A3008F89322E3A219ED18C270] - 21/11/2014 - 23:46:17 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [1292602]
O44 - LFC:[MD5.F7F9426A8E74B92F63ACDCBD8D017BD8] - 22/11/2014 - 00:11:49 ---A- . (...) -- C:\Windows\DtcInstall.log [3949]
O44 - LFC:[MD5.36A2ACA9C4DE26D1ACB760CFA06ABF15] - 22/11/2014 - 00:18:28 ---A- . (...) -- C:\Windows\System32\emptyregdb.dat [23208]
O44 - LFC:[MD5.A0AF9B1D6E49CF88F25FCA1743379D02] - 22/11/2014 - 00:18:48 ---A- . (...) -- C:\Windows\comsetup.log [7232]
O44 - LFC:[MD5.85BDC9BCB8B49319B5A841D5E3EA8A3F] - 22/11/2014 - 00:18:50 ---A- . (...) -- C:\Windows\diagerr.xml [26673]
O44 - LFC:[MD5.85BDC9BCB8B49319B5A841D5E3EA8A3F] - 22/11/2014 - 00:18:50 ---A- . (...) -- C:\Windows\diagwrn.xml [26673]
~ Files: 71 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.C336042F713D40153114FFB2941EC808] - 22/11/2014 - 00:20:05 ---A- - C:\Windows\Prefetch\HQ-VIDEO-PRO-2.1CV20.11-CODED-15C22DAC.pf =>PUP.CrossRider
O45 - LFCP:[MD5.AB63B9FB2DC9875FBADE3F5D85E79677] - 22/11/2014 - 01:14:47 ---A- - C:\Windows\Prefetch\MOBOGENIE.EXE-DC0315DA.pf =>PUP.Mobogenie
O45 - LFCP:[MD5.B7431762F5D354520DDC3D07200A33D4] - 22/11/2014 - 01:14:50 ---A- - C:\Windows\Prefetch\MOBOGENIEP2SP.EXE-502E695B.pf =>PUP.Mobogenie
O45 - LFCP:[MD5.D6A57D18043E76FE24001323B85F8217] - 22/11/2014 - 00:21:37 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-8DB084C1.pf =>P2P.µTorrent
O45 - LFCP:[MD5.D98655C745476F4353CE4C7D57127873] - 22/11/2014 - 00:21:44 ---A- - C:\Windows\Prefetch\YTDOWNLOADER.EXE-16291FE1.pf =>PUP.YTDownloader
~ Prefetcher: 5 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 14 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:27/05/2014 - 21:01:34 ---A- . (.Avira GmbH - TDI filtering kernel driver.) -- C:\Windows\System32\Drivers\avfwot.sys [141376]
O58 - SDL:12/08/2013 - 23:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:25/10/2014 - 01:35:33 ---A- . (...) -- C:\Windows\System32\Drivers\cnnctfy2.sys [31344]
O58 - SDL:23/04/2012 - 11:26:26 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [154272]
O58 - SDL:22/08/2013 - 12:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:25/07/2013 - 11:34:40 ---A- . (...) -- C:\Windows\SysWOW64\drivers\MoborobAssDriver64.sys [12072]
~ Drivers: 47 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 17/11/2014 - 01:40:20 ---A- . (...) -- C:\Users\Nana\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe [114568]
O61 - LFC: 18/11/2014 - 01:40:21 ---A- . (...) -- C:\Users\Nana\Downloads\Programs\Avira_Internet_Security_2013_with_License_Key_for_Two_Years_[Full_Version]___Instructions.exe [424800]
O61 - LFC: 19/11/2014 - 01:40:20 ---A- . (...) -- C:\Users\Nana\Desktop\RSIT.exe [1107968]
O61 - LFC: 19/11/2014 - 01:40:21 ---A- . (...) -- C:\Users\Nana\Downloads\Programs\avira_registry_cleaner_en.exe [221776]
O61 - LFC: 21/11/2014 - 01:40:20 ---A- . (...) -- C:\Users\Nana\AppData\Local\Microsoft\Windows\appsFolderLayout.bin [1327]
O61 - LFC: 21/11/2014 - 01:40:20 ---A- . (.HQ-VideoV20.11.) -- C:\Users\Nana\AppData\Roaming\PZUX.exe [2006936]
O61 - LFC: 21/11/2014 - 01:40:20 ---A- . (.HQ-VideoV20.11.) -- C:\Users\Nana\AppData\Roaming\YXA.exe [1522072]
O61 - LFC: 21/11/2014 - 01:40:20 ---A- . (.Object Browser.) -- C:\Users\Nana\AppData\Roaming\LK.exe [1543080] =>PUP.ObjectBrowser
O61 - LFC: 21/11/2014 - 01:40:20 ---A- . (.Object Browser.) -- C:\Users\Nana\AppData\Roaming\OAIXGJWQ.exe [2031016] =>PUP.ObjectBrowser
O61 - LFC: 22/11/2014 - 01:40:20 ---A- . (...) -- C:\Users\Nana\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin [405180]
O61 - LFC: 22/11/2014 - 01:40:20 ---A- . (...) -- C:\Users\Nana\AppData\Local\Microsoft\Windows\INetCache\IE\VG87L7IO\spark[1].bin [649]
~ 18 Fichiers temporaires (Temporary files)
~ 2 Fichiers cookies (Cookies files)
~ Files: 95 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix By El Desaparecido & C_XX - (.El Desaparecido & C_XX.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Nana - 8n5eg1uh.default] user_pref("extensions.crossrider.bic", "149d042c75c4b9f76ea19a439887b777"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} - (Norton Safe Search) - http://nortonsafe.search.ask.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:\Users\Nana\Downloads\Router KeyGen 1.0 avec DICO deblokgsm.com.zip.part =>.Crack,Keygen
C:\_C\Users\Nana\Documents\Logiciel\Source\ebp - Mon Budget Perso 2011 + Keygen [Fr]\Logiciel\Mon Budget Perso 2011.exe =>.Crack,Keygen
C:\_C\Users\Nana\Documents\Logiciel\Source\logiciels\Office 2007 + Keygen\Firefox%20Setup%202.0.0.20[1].exe =>.Crack,Keygen
C:\_C\Users\Nana\Documents\Logiciel\Source\Pack_Cracker_toute_PSP_pour_les_Nuls.rar =>.Crack,Keygen
D:\Logiciel\Source\ebp - Mon Budget Perso 2011 + Keygen [Fr]\Logiciel\Mon Budget Perso 2011.exe =>.Crack,Keygen
D:\Logiciel\Source\logiciels\Office 2007 + Keygen\Firefox%20Setup%202.0.0.20[1].exe =>.Crack,Keygen
D:\Logiciel\Source\Pack_Cracker_toute_PSP_pour_les_Nuls.rar =>.Crack,Keygen
~ Files: Scanned in 00mn 18s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.4D49C5749A9AF729FF8695C537C396E0] [SPRF][21/11/2014] (.Object Browser - Sense exe.) -- C:\Users\Nana\AppData\Roaming\LK.exe [1543080] =>PUP.ObjectBrowser
[MD5.4923FFFAAAC862105CC0E88C61B52C68] [SPRF][21/11/2014] (.Object Browser - Sense exe.) -- C:\Users\Nana\AppData\Roaming\OAIXGJWQ.exe [2031016] =>PUP.ObjectBrowser
[MD5.704A7ADF6C0B1234BE9715F11CDD2555] [SPRF][21/11/2014] (.HQ-VideoV20.11 - HQ-Video-Pro-2.1cV20.11 exe.) -- C:\Users\Nana\AppData\Roaming\PZUX.exe [2006936] =>PUP.CrossRider
[MD5.91C19B069DC69A6E3A3AF331F9E7D27E] [SPRF][21/11/2014] (.HQ-VideoV20.11 - HQ-Video-Pro-2.1cV20.11 exe.) -- C:\Users\Nana\AppData\Roaming\YXA.exe [1522072] =>PUP.CrossRider
[MD5.8685FAF50C04F9A9C2F56FF64B0B7ACB] [SPRF][19/11/2014] (...) -- C:\Users\Nana\Desktop\RSIT.exe [1107968]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{DD37917C-C885-4BC0-914C-1539B626ADFB}" | In - Private - P17 - TRUE | .(.mobogenie.com - downloader.) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe =>PUP.Mobogenie
O87 - FAEL: "{73F80550-9942-4FBA-B59A-99F71BCF393E}" | In - Private - P6 - TRUE | .(.mobogenie.com - downloader.) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe =>PUP.Mobogenie
O87 - FAEL: "{8FBD0CD4-ED8B-469F-842D-DF71D5FC06EC}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Nana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{C423919F-7C52-4C62-8CE4-C481A4560D26}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Nana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{2304F5DA-E2F4-42C3-88A1-F3E33A41680E}" | In - Public - P6 - TRUE | .(.mobogenie.com - downloader.) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe =>PUP.Mobogenie
O87 - FAEL: "{0030F754-13B3-414B-BD80-E88E68A5E521}" | In - Public - P17 - TRUE | .(.mobogenie.com - downloader.) -- C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe =>PUP.Mobogenie
~ Firewall: 6 Legitimates Filtered in 00mn 01s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{11111111-1111-1111-1111-110611311163}] (HQ-Video-Pro-2.1cV20.11) =>PUP.CrossRider
~ BCK: 5629 Legitimates Filtered in 00mn 06s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 21/11/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 15/10/2014 1044784 | (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
SS - | Auto 15/10/2014 806704 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
SS - | Auto 15/10/2014 431920 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SS - | Auto 15/10/2014 431920 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SS - | Auto 15/10/2014 994096 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
SS - | Auto 07/10/2014 60744 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Auto 21/11/2014 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
SS - | Demand 21/11/2014 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
SS - | Auto 08/09/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 08/09/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/10/2014 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 07/11/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 03/04/2014 315008 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SR - | Auto 24/09/2012 31040 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 20/11/2014 116928 | (MobogenieService) . (.Mobogenie.com.) - C:\Program Files (x86)\Mobogenie3\MobogenieService.exe =>PUP.Mobogenie
SR - | Auto 25/07/2013 70952 | (MoboroboDeviceService) . (...) - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 06s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Nana at 22/11/2014 01:40:50
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Nana at 22/11/2014 01:40:52
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (28/08/2014)
Clés trouvées (Keys found) : 31
Valeurs trouvées (Values found) : 8
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 93

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}] =>PUP.iWebar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611311163}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] =>PUP.ShopperPro^
[HKLM\SYSTEM\CurrentControlSet\Services\MobogenieService] =>PUP.Mobogenie^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force] =>PUP.iWebar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HQ-Video-Pro-2.1cV20.11] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sense] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader] =>PUP.YTDownloader^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}] =>Toolbar.Ask
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611191111}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611191115}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611311163}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622192211}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622192215}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622312263}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611191111}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611191115}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611311163}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622192211}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622192215}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622312263}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611311163}] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:DesktopIconToy =>Adware.ADON^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:mobilegeni daemon =>PUP.Mobogenie^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11 =>PUP.CrossRider^
C:\Program Files (x86)\ShopperPro =>PUP.ShopperPro^
C:\Program Files (x86)\YTDownloader =>PUP.YTDownloader^
C:\ProgramData\ShopperPro =>PUP.ShopperPro^
C:\Users\Nana\AppData\Roaming\newnext.me =>PUP.NextLive^
C:\Users\Nana\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\Nana\AppData\Local\genienext =>PUP.NextLive^
C:\Users\Nana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader =>PUP.YTDownloader^
C:\Users\Nana\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1409\jsdrv.exe =>PUP.ShopperPro^
C:\Program Files (x86)\YTDownloader\YTDownloader.exe =>PUP.YTDownloader^
C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe =>PUP.Mobogenie^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\10ef5ceb-1421-4e66-9ecc-4ac5c7613255.exe =>PUP.CrossRider^
C:\Program Files (x86)\Ge-Force\Ge-Force-codedownloader.exe =>PUP.iWebar^
C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-11.exe =>PUP.iWebar^
C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-2.exe =>PUP.iWebar^
C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-4.exe =>PUP.iWebar^
C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-5.exe =>PUP.iWebar^
C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-6.exe =>PUP.iWebar^
C:\Program Files (x86)\Ge-Force\11d2163e-ae04-48e8-b7cd-223200d1e92f-7.exe =>PUP.iWebar^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\77506c30-329c-4889-a964-5c545a034eec.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\HQ-Video-Pro-2.1cV20.11-codedownloader.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-11.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-2.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-4.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\HQ-Video-Pro-2.1cV20.11\cf004f70-07f1-4023-b8ac-0352c2adae89-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\Sense\Sense-codedownloader.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-11.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-2.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-3.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-4.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-5.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-6.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\e9fb74db-6d54-483c-b8da-fd56e72101e6-7.exe =>PUP.ObjectBrowser^
C:\Users\Nana\AppData\Roaming\LK.exe =>PUP.ObjectBrowser^
C:\Users\Nana\AppData\Roaming\OAIXGJWQ.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\ShopperPro\ShopperPro.exe =>PUP.ShopperPro^
C:\Program Files (x86)\ShopperPro\updater.exe =>PUP.ShopperPro^
C:\Program Files (x86)\YTDownloader\updater.exe =>PUP.YTDownloader^
C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-1 =>PUP.CrossRider^
C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-11.job =>PUP.iWebar^
C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-11 =>PUP.iWebar^
C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-2 =>PUP.CrossRider^
C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-4 =>PUP.CrossRider^
C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-5 =>PUP.CrossRider^
C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-5_user.job =>PUP.iWebar^
C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-5_user =>PUP.iWebar^
C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-6 =>PUP.CrossRider^
C:\Windows\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\11d2163e-ae04-48e8-b7cd-223200d1e92f-7 =>PUP.CrossRider^
C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-1 =>PUP.CrossRider^
C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-2 =>PUP.CrossRider^
C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-3 =>PUP.CrossRider^
C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-4 =>PUP.CrossRider^
C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-5 =>PUP.CrossRider^
C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-6 =>PUP.CrossRider^
C:\Windows\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cf004f70-07f1-4023-b8ac-0352c2adae89-7 =>PUP.CrossRider^
C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-1 =>PUP.CrossRider^
C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-11.job =>PUP.ObjectBrowser^
C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-11 =>PUP.ObjectBrowser^
C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-2 =>PUP.CrossRider^
C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-3 =>PUP.CrossRider^
C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-4 =>PUP.CrossRider^
C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-5 =>PUP.CrossRider^
C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-5_user.job =>PUP.ObjectBrowser^
C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-5_user =>PUP.ObjectBrowser^
C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-6 =>PUP.CrossRider^
C:\Windows\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e9fb74db-6d54-483c-b8da-fd56e72101e6-7 =>PUP.CrossRider^
C:\Windows\Tasks\LK.job =>PUP.ObjectBrowser^
C:\Windows\System32\Tasks\LK =>PUP.ObjectBrowser^
C:\Windows\Tasks\OAIXGJWQ.job =>PUP.ObjectBrowser^
C:\Windows\System32\Tasks\OAIXGJWQ =>PUP.ObjectBrowser^
[HKCU\Software\YTDownloader] =>PUP.YTDownloader^
[HKLM\Software\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Wow6432Node\HQ-Video-Pro-2.1cV20.11-nv] =>PUP.CrossRider^
[HKLM\Software\YTDownloader] =>PUP.YTDownloader^
C:\Users\Nana\AppData\Roaming\PZUX.exe =>PUP.CrossRider^
C:\Users\Nana\AppData\Roaming\YXA.exe =>PUP.CrossRider^
[HKCR\CLSID\{11111111-1111-1111-1111-110611311163}] (HQ-Video-Pro-2.1cV20.11) =>PUP.CrossRider^
~ Additionnel Scan: 265115 Items scanned in 00mn 14s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-shopperpro =>PUP.ShopperPro
http://nicolascoolman.fr/pup-ytdownloader =>PUP.YTDownloader
http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.fr/pup-iwebar =>PUP.iWebar
http://nicolascoolman.fr/pup-objectbrowser =>PUP.ObjectBrowser
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/adware-adon =>Adware.ADON
http://nicolascoolman.fr/pup-nextlive =>PUP.NextLive
http://nicolascoolman.fr/adware-vidsaver =>Adware.VidSaver
http://nicolascoolman.fr/adware-opencandy =>Adware.OpenCandy
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
~ MSI: 11 link(s) detected in 00mn 00s



~ 1145 Legitimates filtered by white list
End of the scan (813 lines in 01mn 12s)(11)
