Rating: 2.7. From 6 votes.
Please wait...

conseils-logiciels-windows-moteurderecherche-sitesCrossRider appartient à une famille de logiciels publicitaires  (Adware). Il s’installe en tant que programme et en tant qu’extension de navigateurs. Il ajoute d’autres programmes à l’insu de l’utilisateur et pollue les unités de stockage et la Base de Registres. Il recueille vos habitudes de navigations et les communique à un serveur (Tracking).

Les logiciels potentiellement indésirables (LPI) ou Potentialy Unwanted Programs (PUP) sont à l’origine de nombreuses infections. L’exemple le plus souvent rencontré est celui des adwares InstallCore, CrossRider, Graftor ou Boxore qui polluent la Base de Registres et vos unités de stockage de données. Ils s’installent généralement à votre insu via le téléchargement de gratuiciels. En effet certains sites utilisent la méthode de repaquetage, une opération qui consiste à refaire le module d’installation du logiciel en y ajoutant des options de téléchargement. Ces options permettent d’ajouter d’autres logiciels comme par exemple des barres d’outils de navigateur, des adwares, des logiciels potentiellement indésirables, des logiciels à publicités intrusives, voire des pirates de navigateur.

Adware.CrossRider

crossrider-adware-pup-polluteware

Recensé le : 19/05/2013
Propriétaire : Nom aléatoire
Origine : PUP.Optional

Produit

MPlayerplus,
Savings Wave,
Services x86,
video-high,
BetterDeals,
BrowserPlusBApps,
TotalPlus,

Numéro de série

15BE65185D88F5DE7A3448CCA2ADF5A7
3CA29099B9BFC9588C192E76F20EAF86
35A869FCC12511DF6082FA913302AD11

Algorithme MD5

4239A0205C7C210A2787E2E8197C4AC8
0543F3B68F45FA6C641CBB528A3AEA54
B723D7C2793B20EFB42AA9B8E8889D80
7E20B594C938AB70D9DC4E5E6B365F38
75EF5C0ABD3306D094B23C03BBECBDEC
13B8012D03A1BBA6AD4CA241A4D19E69
6B927A0E10DD90F2189F66C3DB9DFAF3

Caractéristiques

– Il s’installe en tant que processus lancé au démarrage du système (RP),
– Il installe un programme d’extension pour le navigateur Google Chrome (G2)
– Il installe des programmes d’extension pour le navigateur Mozilla Firefox (M2):
– Il s’installe en tant que BHO (Browser Helper Object) de Navigateur internet (O2),
– Il s’installe dans la Base de Registres afin d’être lancé à chaque démarrage du système (O4)
– Il démarre une tâche planifiée en automatique (O39),
– Il s’installe en tant que programme (O42),
– Il crée de multiples clés de Registre « Software »,
– Il modifie le fournisseur de recherche Internet (O69),
– Il pollue la base de Registres avec de nombreuses clés et valeurs (O88 ),

Rapport ZHPDiag

[MD5.4239A0205C7C210A2787E2E8197C4AC8] – (.shift – Friven_s_Pro_16 exe.) — C:\Program Files (x86)\Friven_s_Pro_16\Friven_s_Pro_16-nova.exe [593768] [PID.2684]
[MD5.0543F3B68F45FA6C641CBB528A3AEA54] – (.shift – Frieven_s_Prox_1.8 exe.) — C:\program files (x86)\frieven_s_prox_1.8\frieven_s_prox_1.8-bg.exe [577384] [PID.8456]
[MD5.B723D7C2793B20EFB42AA9B8E8889D80] [SPRF][24/07/2014] (.Dwnloader – Dwnloader Setup.) — D:\Bureau\Setup.exe [414200]
[MD5.7E20B594C938AB70D9DC4E5E6B365F38] – (…) — C:\Users\Coolman\AppData\Local\fabulous_07261115\fabulous_07261115.exe [2293760] [PID.1424]
[MD5.75EF5C0ABD3306D094B23C03BBECBDEC] – (.Corporate Inc – winservice86 exe.) — C:\Program Files (x86)\winservice86\721bec50-90c3-42e5-9ee9-a7a3f064a495.exe [370544] [PID.1924]
[MD5.13B8012D03A1BBA6AD4CA241A4D19E69] – (.Pas de propriétaire – Torpedo.) — C:\Program Files\videos+ MediaPlayer+\1cc062c8-4b55-4e61-9226-b044dded3960.exe [32152] [PID.2984]
G2 – GCE: Preference [User Data\Default] [lglkfgcmohcdajpldlnhjjiojjgkbmhm] Savings Wave v.1.23.65 (Désactivé )
G2 – GCE: Preference [User Data\Default] [pgjflcoiggljdahilbdhjodelfpgaebm] Color FB v.1.23.97, (Désactivé )
G2 – GCE: Preference [User Data\Default] [fglhnbihmeinbfgalpnaiembmdhfijli] Feven v.1.23.23, (Activé )
G2 – GCE: Preference [User Data\Default] [hjghiofiijcepdnocbgefbdlbckjfheg] Feven Pro 1.1 v.1.26.18, (Activé)
G2 – GCE: Preference [User Data\Default] [kigpmgkoelepakabiliblldhdpnidcod] Shop-Up v.1.24.6 (Activé )
G2 – GCE: Preference [User Data\Default] [deghekbbihbapplmbffglehkdhkeibbm] HQVid1.9v3 v.1.26.35, (Activé)
G2 – GCE: Preference [User Data\Default] [lgonpmchaeokedifbjenbcnjcdefdceg] FLV Player Addon v.1.26.35, (Activé)
G2 – GCE: Preference [User Data\Default] [dmgpbjjcdccinnndjdgmegndbmhbgglb] Fpro1.2 v.1.26.29, (Activé) //Attention avec PDFpro1 LEGITIME
G2 – GCE: Preference [User Data\Default] [majjphhgppkndjjkmhhnbgafooenebhd] MPlayerplus v.1.26.31, (Activé)
G2 – GCE: Preference [User Data\Default] [ceenmgoldhkkegcnlieacjjhndklllkp] Frevens Pro 12 v.1.26.15, (Activé)
G2 – GCE: Preference [User Data\Default] [fbjkggpkjbbmknmckfdelgiebjfhlklj] AllSaver v.1.4 (Activé)
G2 – GCE: Preference [User Data\Default] [lndipknmjijnalnkamonmljeaojdbpna] Week Index v.0.1 (Activé)
G2 – GCE: Preference [User Data\Default] [ceenmgoldhkkegcnlieacjjhndklllkp] Frieven_s_Prox_1.8 v.1.26.18, (Activé)
G2 – GCE: Preference [User Data\Default] [mfhkgfigejkhikbkfkkglinnkfojkdek] Clock View v.0.1 (Activé)
G2 – GCE: Preference [User Data\Default] [ldikpdnngdmeceeameoaannjilbjppnm] Custom Print v.0.1, (Activé)
G2 – GCE: Preference [User Data\Default] [ookcommfdhjlndngjeppjcolccnkjgho] Favicon Grabber v.0.1 (Activé)
G2 – GCE: Preference [User Data\Default] [dnaojefanpmakfgcaliphepgoiiafmpf] video MediaPlay-Air v.1.26.35, (Activé)
G2 – GCE: Preference [User Data\Default] [mpfeggemggokijeahnacacopejaabljl] Plus-HD-2.6 v.1.23.7, (Activé )
G2 – GCE: Preference [User Data\Default] [ffhfoagmjcnkolneahbpagjcjjaeofbg] Browsers App v.1.26.10, (Activé)
G2 – GCE: Preference [User Data\Default] [hcbpgfdicpejhfdgnpnggefimkncelki] Auto Clip v.0.1 (Activé)
G2 – GCE: Preference [User Data\Default] [kpiglpdbbmcnncekagalndhicllimchm] Reddit this! v.0.1 (Activé)
G2 – GCE: Preference [User Data\Default] [onlnnachibjmjahfpoemhledlpakoicg] Remove Bloat! v.0.1 (Activé)
G2 – GCE: Preference [User Data\Default] [eeibjhjmddgcdbniedjoghdgbofbecad] Wiki Like v.0.1, (Activé)
G2 – GCE: Preference [User Data\Default] [dndpbhehbclolnjdfholblgioegcadih] BobyLyrics-15 v.1.25.15, (Activé)
G2 – GCE: Preference [User Data\Default] [jfmejhpappjkfglmlfgahliibnfgjibh] HQualityPro-1.6V03.10 v.1.26.33, (Désactivé)
G2 – GCE: Preference [User Data\Default] [hoidflomjnnnbiemmkjdjkkialmhbago] Browsers+_App+s+ v.1.26.9, (Activé)
G2 – GCE: Preference [User Data\Default] [cgbeihidkikgdcoogkeoeconphggdhop] Total-1.8 v.1.26.53, (Activé)
G2 – GCE: Preference [User Data\Default] [ofaemmlijemfcopjandkcndefpnacabg] HQual2y-v2.5V01.11 v.1.26.76, (Désactivé)
G2 – EXT: C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dndpbhehbclolnjdfholblgioegcadih [BobyLyrics-15]
G2 – EXT: C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhkgfigejkhikbkfkkglinnkfojkdek [Clock View]
G2 – EXT: C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceenmgoldhkkegcnlieacjjhndklllkp [Frieven_s_Prox_1.8]
G2 – EXT: C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [Text Highlighter]
G2 – EXT: C:\Users\Ryad\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlnnachibjmjahfpoemhledlpakoicg [Remove Bloat!]
G2 – EXT: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeibjhjmddgcdbniedjoghdgbofbecad [Wiki Like]
G2 – EXT: C:\Users\carolephiphi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaemmlijemfcopjandkcndefpnacabg [HQual2y-v2.5V01.11]
M2 – MFEP: prefs.js [Coolman – plj96prl.default\crossriderapp12765@crossrider.com] [] Savings Wave v2.0 (..)
M2 – MFEP: prefs.js [Coolman – plj96prl.default\crossriderapp2258@crossrider.com] [] I Want This v5.0.7.0 (..)
M2 – MFEP: prefs.js [Coolman – plj96prl.default\6be3335b-ef79-4b0b-a0ba-b87afbc6f4ad@6bbb4d2e-e33e-4fa5-9b37-934f4fb50182.com] [] Feven v (..)
O2 – BHO: CrossriderApp0012765 [64Bits] – {11111111-1111-1111-1111-110111271165} . (.Innovative Apps – Savings Wave BHO.) — C:\Program Files (x86)\Savings Wave\Savings Wave-bho.dll
O2 – BHO: CrossriderApp0027096 [64Bits] – {11111111-1111-1111-1111-110211701196} . (.Corporate Inc – Services x86 BHO.) — C:\Program Files (x86)\Services x86\Services x86-bho.dll
O2 – BHO: CrossriderApp0031554 [64Bits] – {11111111-1111-1111-1111-110311151154} . (.Feven – Feven BHO.) — C:\Program Files (x86)\Feven\Feven-bho.dll
O2 – BHO: HDvid-Codec V9.0 – {11111111-1111-1111-1111-110511131156} . (…) — c:\program files\hdvid-codec v9.0\HDvid-Codec V9.0-bho.dll
O2 – BHO: CrossriderApp0059599 [64Bits] – {11111111-1111-1111-1111-110511951199} . (.enter – video MediaPlay-Air BHO.) — C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll
O2 – BHO: Vaudix [64Bits] – {33352849-DE7E-1FEA-41E2-A93D67F34C33} . (…) — C:\Program Files (x86)\Vaudix\1Swh5Aa.dll
O2 – BHO: CrossriderApp0043914 [64Bits] – {11111111-1111-1111-1111-110411391114} . (.LKB boby soft – BobyLyrics-15 BHO.) — C:\Program Files (x86)\BobyLyrics-15\BobyLyrics-15-bho.dll
O2 – BHO: edccb4a004ec01329fbb0fbe6070a3f60063285 – {11111111-1111-1111-1111-110611321185} . (.HDPlus-01TotalV21.09 – TotalPlus01-3.1V21.09 BHO.) — C:\Program Files\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-bho.dll
O2 – BHO: e105fff0f3e80131b6584734478597d40061911 [64Bits] – {11111111-1111-1111-1111-110611191111} . (.iWebar – Ge-Force BHO.) — C:\Program Files (x86)\Ge-Force\Ge-Force-bho.dll
O4 – HKCU\..\Run: [fabulous_07261115] . (…) — c:\users\Coolman\appdata\local\fabulous_07261115\fabulous_07261115.exe
O4 – HKUS\S-1-5-21-1137401237-2199336907-3109346764-1000\..\Run: [fabulous_07261115] . (…) — c:\users\Coolman\appdata\local\fabulous_07261115\fabulous_07261115.exe
[MD5.6B927A0E10DD90F2189F66C3DB9DFAF3] [APT] [Updater12765.exe] (.Innovative Apps.) — C:\Users\Coolman\AppData\Local\Updater12765\Updater12765.exe [210312]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\Feven-chromeinstaller.job [1872]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\Feven-codedownloader.job [1176]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\Feven-enabler.job [1076]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\Feven-firefoxinstaller.job [1796]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\Feven-updater.job [1172]
O39 – APT: – (..) — C:\Windows\Tasks\BetterDeals-11-chromeinstaller.job [1976]
O39 – APT: – (..) — C:\Windows\Tasks\BetterDeals-11-codedownloader.job [1262]
O39 – APT: – (..) — C:\Windows\Tasks\BetterDeals-11-enabler.job [1162]
O39 – APT: – (..) — C:\Windows\Tasks\BetterDeals-11-firefoxinstaller.job [1900]
O39 – APT: – (..) — C:\Windows\Tasks\BetterDeals-11-updater.job [1356]
[MD5.3358CCA51C64ACF4968F0B78B1151B9D] [APT] [Feven-chromeinstaller] (.Feven.) — C:\Program Files (x86)\Feven\Feven-chromeinstaller.exe [464232]
[MD5.0F603FE8B10DB23F94A5891B477F6D91] [APT] [Feven-codedownloader] (.Feven.) — C:\Program Files (x86)\Feven\Feven-codedownloader.exe [478568]
[MD5.2DD33F1BBE254BE24A5B12D648817BC0] [APT] [Feven-enabler] (.Feven.) — C:\Program Files (x86)\Feven\Feven-enabler.exe [345960]
[MD5.DDED161DE2CB30DB7F32701C862693BB] [APT] [Feven-firefoxinstaller] (.Feven.) — C:\Program Files (x86)\Feven\Feven-firefoxinstaller.exe [725352]
[MD5.987F5D34F03D3C6D200C2A9955DC2FA1] [APT] [Feven-updater] (.Feven.) — C:\Program Files (x86)\Feven\Feven-updater.exe [364392]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\TubeSaver-chromeinstaller.job [1296]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\TubeSaver-codedownloader.job [1908]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\TubeSaver-enabler.job [1832]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\TubeSaver-firefoxinstaller.job [1200]
O39 – APT:Automatic Planified Task – C:\Windows\Tasks\TubeSaver-updater.job [1100]
O39 – APT:Automatic Planified Task – C:\WINDOWS\Tasks\video-high-codedownloader.job [1446]
O39 – APT:Automatic Planified Task – C:\WINDOWS\Tasks\video-high-enabler.job [1346]
O39 – APT:Automatic Planified Task – C:\WINDOWS\Tasks\video-high-firefoxinstaller.job [2506]
O39 – APT:Automatic Planified Task – C:\WINDOWS\Tasks\video-high-updater.job [1492]
[MD5.1F1C07E7DE9A70D97E11E7C083FA2331] [APT] [OnlineHD V6.0-chromeinstaller] (.installdaddy.) — C:\Program Files (x86)\OnlineHD V6.0\OnlineHD V6.0-chromeinstaller.exe [817664]
[MD5.178DAF15539807530486B929242CEDA2] [APT] [OnlineHD V6.0-codedownloader] (.installdaddy.) — C:\Program Files (x86)\OnlineHD V6.0\OnlineHD V6.0-codedownloader.exe [523776]
[MD5.8D06AD8D0935BD879E62F2927A7470E0] [APT] [OnlineHD V6.0-firefoxinstaller] (.installdaddy.) — C:\Program Files (x86)\OnlineHD V6.0\OnlineHD V6.0-firefoxinstaller.exe [886272]
[MD5.D05AE10289E2629973013F193F03B70B] [APT] [OnlineHD V6.0-updater] (.installdaddy.) — C:\Program Files (x86)\OnlineHD V6.0\OnlineHD V6.0-updater.exe [353792]
O39 – APT: OnlineHD V6.0-chromeinstaller – (.installdaddy.) — C:\Windows\Tasks\OnlineHD V6.0-chromeinstaller.job [2002]
O39 – APT: OnlineHD V6.0-chromeinstaller – (.installdaddy.) — C:\Windows\System32\Tasks\OnlineHD V6.0-chromeinstaller [2002]
O39 – APT: OnlineHD V6.0-codedownloader – (.installdaddy.) — C:\Windows\Tasks\OnlineHD V6.0-codedownloader.job [1244]
O39 – APT: OnlineHD V6.0-codedownloader – (.installdaddy.) — C:\Windows\System32\Tasks\OnlineHD V6.0-codedownloader [1244]
O39 – APT: OnlineHD V6.0-enabler – (…) — C:\Windows\Tasks\OnlineHD V6.0-enabler.job [1154]
O39 – APT: OnlineHD V6.0-enabler – (…) — C:\Windows\System32\Tasks\OnlineHD V6.0-enabler [1154]
O39 – APT: OnlineHD V6.0-firefoxinstaller – (.installdaddy.) — C:\Windows\Tasks\OnlineHD V6.0-firefoxinstaller.job [2236]
O39 – APT: OnlineHD V6.0-firefoxinstaller – (.installdaddy.) — C:\Windows\System32\Tasks\OnlineHD V6.0-firefoxinstaller [2236]
O39 – APT: OnlineHD V6.0-updater – (.installdaddy.) — C:\Windows\Tasks\OnlineHD V6.0-updater.job [1352]
O39 – APT: OnlineHD V6.0-updater – (.installdaddy.) — C:\Windows\System32\Tasks\OnlineHD V6.0-updater [1352]
[MD5.FD4B699623E3BFCD0F23B1DCC290A208] [APT] [BobyLyrics-15-chromeinstaller] (.LKB boby soft.) — C:\Program Files (x86)\BobyLyrics-15\BobyLyrics-15-chromeinstaller.exe [471040]
[MD5.147579A8789B144AAAC67258297963A1] [APT] [BobyLyrics-15-codedownloader] (.LKB boby soft.) — C:\Program Files (x86)\BobyLyrics-15\BobyLyrics-15-codedownloader.exe [494592]
[MD5.3829BEB6C6E5E6EE689DAEF19419236A] [APT] [BobyLyrics-15-enabler] (.LKB boby soft.) — C:\Program Files (x86)\BobyLyrics-15\BobyLyrics-15-enabler.exe [355840]
[MD5.91CEF1E7BC7CC35BFB4BE523CB509567] [APT] [BobyLyrics-15-firefoxinstaller] (.LKB boby soft.) — C:\Program Files (x86)\BobyLyrics-15\BobyLyrics-15-firefoxinstaller.exe [732160]
61F330E3F24D8FBDD3A7A02F7F52FEBF] [APT] [55d88d94-6b9b-4c81-bb2c-9653d27581f8-1] (.HDPlus-01TotalV21.09.) — C:\Program Files\TotalPlus01-3.1V21.09\TotalPlus01-3.1V21.09-codedownloader.exe [1110936]
[MD5.66EFD4D54C14927D74DD590E6CD29A5B] [APT] [55d88d94-6b9b-4c81-bb2c-9653d27581f8-11] (.HDPlus-01TotalV21.09.) — C:\Program Files\TotalPlus01-3.1V21.09\55d88d94-6b9b-4c81-bb2c-9653d27581f8-11.exe [1965464]
O39 – APT: ca4b525e-2a52-4c7a-a4ec-2d6f975fd891-11 – (.smarts.) — C:\Windows\System32\Tasks\ca4b525e-2a52-4c7a-a4ec-2d6f975fd891-11 [4490]
O39 – APT: ca4b525e-2a52-4c7a-a4ec-2d6f975fd891-5_user – (.smarts.) — C:\Windows\Tasks\ca4b525e-2a52-4c7a-a4ec-2d6f975fd891-5_user.job [1696]
[MD5.CE6C8D1B2BE9E1C93E150C0BA518E03F] [APT] [d1d2c144-47e8-4a2a-8b2a-51a0abf46219-4] (.HighD7.) — C:\Program Files (x86)\HighD-V11\d1d2c144-47e8-4a2a-8b2a-51a0abf46219-4.exe [1435512]
[MD5.94664AD21A2B6383BA1BE658B2C7F6C0] [APT] [dc28f4f3-f705-4d8e-a99d-369241422a99] (…) — C:\Program Files (x86)\HighD-V11\dc28f4f3-f705-4d8e-a99d-369241422a99.exe [32120]
O42 – Logiciel: Savings Wave – (.Innovative Apps.) [HKLM][64Bits] — Savings Wave
O42 – Logiciel: Services x86 – (.Corporate Inc.) [HKLM][64Bits] — Services x86
O42 – Logiciel: video-high – (.videohq.) [HKLM] — video-high
O42 – Logiciel: BetterDeals-11 – (.BetterDeals.) [HKLM][64Bits] — BetterDeals-11
O42 – Logiciel: Fpro1.2 – (.Freeven.) [HKLM] — Fpro1.2
O42 – Logiciel: MPlayerplus – (.Freeven.) [HKLM] — MPlayerplus
O42 – Logiciel: video MediaPlay-Air – (.enter.) [HKLM][64Bits] — video MediaPlay-Air
O42 – Logiciel: HQPureV1.8 – (.HQPure.) [HKLM][64Bits] — HQPureV1.8
O42 – Logiciel: Fabulous discounts – (…) [HKCU] — fabulous_07261115
O42 – Logiciel: Browsers App – (.browser.) [HKLM][64Bits] — Browsers App
O42 – Logiciel: CinamHDPureV9.5 – (.CinamHDPure.) [HKLM][64Bits] — CinamHDPureV9.5
O42 – Logiciel: BobyLyrics-15 – (.LKB boby soft.) [HKLM][64Bits] — BobyLyrics-15
O42 – Logiciel: TotalPlus01-3.1V21.09 – (.HDPlus-01TotalV21.09.) [HKLM] — TotalPlus01-3.1V21.09
O42 – Logiciel: BrowsersAppProPlus-v2.3 – (.browser.) [HKLM][64Bits] — BrowsersAppProPlus-v2.3
O42 – Logiciel: BrowserPlusBApps_version10.1 – (.App.) [HKLM][64Bits] — BrowserPlusBApps_version10.1
O42 – Logiciel: BROsrAppsEd3 – (.BrowserServiApp23.) [HKLM] — BROsrAppsEd3
O42 – Logiciel: MPPlayvideoEd2.0 – (.MediaProPlayer+.) [HKLM] — MPPlayvideoEd2.0
O42 – Logiciel: MedPlayV3.1 – (.PlayersMComp.) [HKLM] — MedPlayV3.1
[HKLM\Software\Wow6432Node\Services x86]
[HKCU\Software\AppDataLow\Software\Services x86]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Savings Wave]
[HKCU\Software\Cr_Installer]
[HKLM\Software\Shop-Up]
[HKCU\Software\video-high]
[HKCU\Software\AppDataLow\Software\Frieven_s_Prox_1.8]
[HKCU\Software\AppDataLow\Software\video MediaPlay-Air]
[HKCU\Software\fabulous]
[HKCU\Software\AppDataLow\Software\Browsers App]
[HKLM\Software\Wow6432Node\CinamHDPureV9.5-nv]
[HKCU\Software\AppDataLow\Software\BobyLyrics-15]
[HKLM\Software\Wow6432Node\V-9.1HQ-nv]
[HKCU\Software\AppDataLow\Software\winservice86]
[HKLM\Software\Wow6432Node\winservice86-nv]
[HKLM\Software\Wow6432Node\winservice86]
[HKCU\Software\AppDataLow\Software\TotalPlus01-3.1V21.09]
[HKCU\Software\HBLDI]
[HKLM\Software\Browsers+_App+s+-nv]
[HKLM\Software\Browsers+_App+s+]
[HKCU\Software\AppDataLow\Software\BrowsersAppProPlus-v2.3]
[HKLM\Software\HQual2y-v2.5V01.11-nv]
[HKLM\Software\Wow6432Node\HQual2y-v2.5V01.11-nv]
[HKLM\Software\Wow6432Node\VideoMedia+Player_v2.3-nv]
[HKCU\Software\AppDataLow\Software\HD_Quality_v1.1V21.11]
[HKCU\Software\AppDataLow\Software\I – Cinema]
[HKLM\Software\Wow6432Node\I – Cinema-nv]
[HKLM\Software\Wow6432Node\Ge-Force]
[HKCU\Software\SavePass 1.1-nv]
[HKCU\Software\SavePass 1.1]
[HKCU\Software\Sense-nv]
[HKLM\Software\CinPlus-2.4cV03.12-nv]
O43 – CFD: 07/04/2013 – 00:38:19 – [0,009] —-D C:\Users\Coolman\AppData\Local\Services x86
O43 – CFD: 02/04/2013 – 18:59:59 – [0] —-D C:\Users\Coolman\AppData\Local\Savings Wave
O43 – CFD: 18/05/2013 – 17:52:32 – [0,201] —-D C:\Users\Coolman\AppData\Local\Updater12765
O43 – CFD: 20/05/2013 – 15:11:27 – [4,447] —-D C:\Program Files (x86)\Services x86
O43 – CFD: 06/10/2013 – 21:26:41 – [5,338] —-D C:\Program Files\Shop-Up
O43 – CFD: 09/03/2014 – 19:01:31 – [5,541] —-D C:\Program Files\video-high
O43 – CFD: 25/04/2014 – 03:20:22 – [] —-D C:\Program Files (x86)\BetterDeals-11
O43 – CFD: 11/05/2014 – 21:29:15 – [] —-D C:\Program Files (x86)\BobyLyrics-15
O43 – CFD: 09/06/2014 – 19:01:31 – [] —-D c:\program files\HDvid-Codec V9.0
O43 – CFD: 09/06/2014 – 19:01:31 – [] —-D c:\program files\hdvidcodec.com
O43 – CFD: 23/07/2014 – 02:07:42 – [] —-D C:\Program Files (x86)\video MediaPlay-Air
O43 – CFD: 22/07/2014 – 23:17:02 – [] —-D C:\Program Files (x86)\HQPureV1.8
O43 – CFD: 26/07/2014 – 13:15:32 – [] —-D C:\Users\Coolman\AppData\Local\fabulous_07261115
O43 – CFD: 31/07/2014 – 20:07:44 – [] —-D C:\Program Files (x86)\Browsers App
O43 – CFD: 18/08/2014 – 01:36:34 – [] —-D C:\Program Files (x86)\CinamHDPureV9.5
O43 – CFD: 16/09/2014 – 19:47:05 – [] —-D C:\Program Files (x86)\winservice86
O43 – CFD: 21/09/2014 – 17:06:31 – [] —-D C:\Program Files\TotalPlus01-3.1V21.09
O43 – CFD: 02/12/2014 – 14:16:48 – [] —-D C:\Program Files (x86)\Ge-Force
O43 – CFD: 01/12/2014 – 16:25:24 – [0] —-D C:\Program Files\Cinema Video Pro 2.1V14.11
O43 – CFD: 15/02/2015 – 22:43:22 – [] —-D C:\Program Files\MedPlayV3.1
O61 – LFC: 18/05/2013 – 16:54:35 —A- C:\Users\Coolman\AppData\Roaming\Desk 365\icons\chrome_1da37a02e412dbdb6c2392f85ed86555.ico [55773]
O61 – LFC: 18/05/2013 – 16:54:35 —A- C:\Users\Coolman\AppData\Roaming\Desk 365\icons\firefox_266215028a0bf0cee2a4f5132062976d.ico [295606]
O61 – LFC: 26/07/2014 – 13:17:01 —A- . (…) — C:\Users\Coolman\AppData\Local\fabulous_07261115\fabulous_07261115.exe [2293760]
O69 – SBI: prefs.js [Coolman – rwby5je5.default] user_pref(« extensions.crossrider.bic », « 13de1811d542bec9b2bf2643f3b612eb »);
O69 – SBI: prefs.js [Coolman – tlj96prl.default] user_pref(« extensions.crossriderapp12765.12765.InstallationThankYouPage », true);
[HKCR\CLSID\{22222222-2222-2222-2222-220522312272}] (CrossriderApp0053172.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220522422246}] (CrossriderApp0054246.Sandbox) =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Savings Wave]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Services x86]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BetterDeals-11]
[HKLM\Software\Wow6432Node\Services x86]
[HKCU\Software\AppDataLow\Software\Services x86]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211701196}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211701196}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211701196}]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Savings Wave]
[HKCU\Software\Cr_Installer]
[HKLM\Software\Classes\CrossriderApp0002258.BHO.1]
[HKLM\Software\Classes\CrossriderApp0002258.FBApi.1]
[HKLM\Software\Classes\CrossriderApp0002258.Sandbox.1]
[HKLM\Software\Google\Chrome\Extensions\lglkfgcmohcdajpldlnhjjiojjgkbmhm]
[HKLM\Software\Google\Chrome\Extensions\kigpmgkoelepakabiliblldhdpnidcod]
C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lglkfgcmohcdajpldlnhjjiojjgkbmhm
C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigpmgkoelepakabiliblldhdpnidcod
C:\Users\Coolman\AppData\Local\Services x86
C:\Users\Coolman\AppData\Local\Savings Wave
C:\Users\Coolman\AppData\Local\Updater12765
C:\Program Files (x86)\Services x86
C:\Program Files (x86)\Feven
C:\Program Files\Shop-Up
C:\WINDOWS\tasks\Shop-Up-updater.job
C:\WINDOWS\tasks\Shop-Up-enabler.job
C:\WINDOWS\tasks\Shop-Up-chromeinstaller.job
C:\WINDOWS\tasks\Shop-Up-firefoxinstaller.job
C:\WINDOWS\tasks\Shop-Up-codedownloader.job
C:\Program Files (x86)\Shop-Up
C:\Program Files (x86)\Shop-Up\Shop-Up-updater.exe
C:\Program Files (x86)\Shop-Up\Shop-Up-firefoxinstaller.exe
C:\Program Files (x86)\Shop-Up\Shop-Up-enabler.exe
C:\Program Files (x86)\Shop-Up\Shop-Up-codedownloader.exe
C:\Program Files (x86)\Shop-Up\Shop-Up-chromeinstaller.exe
C:\Program Files (x86)\BetterDeals-11
C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhkgfigejkhikbkfkkglinnkfojkdek\1.26.10_0\crossrider
C:\Windows\Tasks\HDvid-Codec V9.0-chromeinstaller.job
C:\Windows\System32\Tasks\HDvid-Codec V9.0-chromeinstaller
C:\Windows\Tasks\HDvid-Codec V9.0-codedownloader.job
C:\Windows\System32\Tasks\HDvid-Codec V9.0-codedownloader
C:\Windows\Tasks\HDvid-Codec V9.0-enabler.job
C:\Windows\System32\Tasks\HDvid-Codec V9.0-enabler
C:\Windows\Tasks\HDvid-Codec V9.0-firefoxinstaller.job
C:\Windows\System32\Tasks\HDvid-Codec V9.0-firefoxinstaller
C:\Windows\Tasks\HDvid-Codec V9.0-updater.job
C:\Windows\System32\Tasks\HDvid-Codec V9.0-updater
C:\Program Files (x86)\Ultimate Companion\ultimate_companion_helper_service.exe

Recensé le 22/06/2016
[MD5.237AAA173D673B77740BE6AE3359AE47] – (…) — C:\Program Files (x86)\4C4C4544-1466548252-3510-8052-C7C04F4B344A\hnsyEE62.tmp [138240] [PID.2096]
[MD5.AB798F6DF51BCCB31E1E42E5F77ACB4F] – (…) — C:\Program Files (x86)\4C4C4544-1466548252-3510-8052-C7C04F4B344A\jnstD52B.tmp [244224] [PID.2260]
[MD5.5247686493366E09A2C4BF0C9A9369D9] – (…) — C:\Program Files (x86)\4C4C4544-1466548252-3510-8052-C7C04F4B344A\knsq79B2.tmp [356352] [PID.4660]
SR – Auto [22/06/2016] [ 244224] Renew Single Click (dowidoly) . (…) – C:\Program Files (x86)\4C4C4544-1466548252-3510-8052-C7C04F4B344A\jnstD52B.tmp
SR – Auto [22/06/2016] [ 138240] Reservation Plastic (rijufoze) . (…) – C:\Program Files (x86)\4C4C4544-1466548252-3510-8052-C7C04F4B344A\hnsyEE62.tmp
SR – Auto [22/06/2016] [ 356352] Check Default (vopudypezbt) . (…) – C:\Program Files (x86)\4C4C4544-1466548252-3510-8052-C7C04F4B344A\knsq79B2.tmp
O43 – CFD: 22/06/2016 – [] D — C:\Program Files (x86)\4C4C4544-1466548252-3510-8052-C7C04F4B344A
HKLM\SYSTEM\CurrentControlSet\Services\dowidoly
HKLM\SYSTEM\CurrentControlSet\Services\rijufoze
HKLM\SYSTEM\CurrentControlSet\Services\vopudypezbt

Alias

PUP.Optional.Crossrider [Malwarebytes]
Adware.CrossRider [Malwarebytes]
a variant of Win32/Toolbar.CrossRider.AX [ESET-NOD32]

Editeurs associés

BetterDeals,
CinamHDPure
Corporate Inc,
Freeven,
Innovative Apps,
LKB boby soft

Comment supprimer ?

windows10-supprimer-reparer-programme

Support Microsoft

zhpcleaner

Supprimer avec ZHPCleaner

ZHPDiag

Diagnostiquer avec ZHPDiag

A lire

- Définition d'un logiciel superfluous (Superflu) - Définition d'un PUP/LPI

[

Responsabilité :   Le principe d'absence de responsabilité du site d'origine, au regard des contenus des sites cibles pointés, est rappelé par l'arrêt du 19 septembre 2001 de la Cour d'Appel de Paris. Les propos que je tiens ici reflètent mon opinion et sont des suggestions - le visiteur n'est pas obligé de les suivre."

2016-10-13T14:39:40+00:00 Adware, Conseils, Hijacker, LPI, Polluteware, PUP, Toolbar|Commentaires fermés sur Conseils : Logiciel Publicitaire CrossRider (Adware)