Script ZHPFix
G2 - GCE: Preference [User Data\Default] [dlfienamagdnkekbbbocojppncdambda] Complitly plugin for chrome v.1.1 (Désactivé) =>Adware.PredictAd
G2 - GCE: Preference [User Data\Default] [eikjfnpbaomplficjoennadfnacbmiaa] Torntv V7.0 v.1.26.13, (Activé) =>Hijacker.TornTV
O42 - Logiciel: Webplayer version 1.0 - (...) [HKLM] -- {0A9893CE-951C-4CD0-A31C-84CCDD7A0077}_is1 => Infection PUP (Adware.SocialSkinz)
O45 - LFCP:[MD5.8920C954DDAF5A4AC5AF9D3B18D204DD] - 23/02/2014 - 12:44:49 ---A- - C:\Windows\Prefetch\DUUQUUPDATE.EXE-32E493F5.pf =>PUP.Duuqu
O45 - LFCP:[MD5.3EB7F6ACB70ABAA26BA2A7AA539AF726] - 23/02/2014 - 16:37:02 ---A- - C:\Windows\Prefetch\TORNTV V7.0-CODEDOWNLOADER.EX-98123996.pf =>Hijacker.TornTV
O45 - LFCP:[MD5.3EDDC8C1B158043C586C147D0A743635] - 23/02/2014 - 16:37:02 ---A- - C:\Windows\Prefetch\TORNTV V7.0-ENABLER.EXE-54083C19.pf =>Hijacker.TornTV
O45 - LFCP:[MD5.3F2FB643A6F5F89C3D73EE6FC30CB883] - 23/02/2014 - 16:37:03 ---A- - C:\Windows\Prefetch\TORNTV V7.0-UPDATER.EXE-56C2D88D.pf =>Hijacker.TornTV
O45 - LFCP:[MD5.35E9C439495B9A7B751CFCA0876F8896] - 23/02/2014 - 18:47:31 ---A- - C:\Windows\Prefetch\TORNTV V7.0-FIREFOXINSTALLER.-B601F4A1.pf =>Hijacker.TornTV
O51 - MPSK:{47ab6bc7-c9b9-11e0-aebb-001d096139a5}\AutoRun\command. (...) -- H:\m.exe (.not file.) => Infection USB (Trojan.USB)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\pauline\AppData\Local\Beamrise\Application\beamrise.exe (.not file.) =>Hijacker.Beamrise
O87 - FAEL: "{FD98BB67-A032-4723-ABC1-2AD6F3B15605}" |In - None - P6 - TRUE | .(...) -- C:\Users\pauline\AppData\Local\Beamrise\Application\29.3.0.7500\services\windows-x86-skypekit.exe (.not file.) =>Hijacker.Beamrise
O87 - FAEL: "{58C2C92C-1222-48D2-9478-8E31600DC347}" |Out - None - P6 - TRUE | .(...) -- C:\Users\pauline\AppData\Local\Beamrise\Application\29.3.0.7500\services\windows-x86-skypekit.exe (.not file.) =>Hijacker.Beamrise
O87 - FAEL: "{52AA17F1-1C93-486F-B4B5-4E34DD5491EA}" |In - None - P6 - TRUE | .(...) -- C:\Users\pauline\AppData\Local\Beamrise\Application\29.3.0.7500\windows-x86-skypekit.exe (.not file.) =>Hijacker.Beamrise
O87 - FAEL: "{6E5D67ED-B62B-4E91-A935-C2DA43D35249}" |Out - None - P6 - TRUE | .(...) -- C:\Users\pauline\AppData\Local\Beamrise\Application\29.3.0.7500\windows-x86-skypekit.exe (.not file.) =>Hijacker.Beamrise
[HKLM\Software\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda] =>Adware.PredictAd^
[HKLM\Software\Google\Chrome\Extensions\eikjfnpbaomplficjoennadfnacbmiaa] =>Hijacker.TornTV^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0A9893CE-951C-4CD0-A31C-84CCDD7A0077}_is1] =>Adware.SocialSkinz
C:\Users\pauline\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda =>Adware.PredictAd^
C:\Users\pauline\AppData\Local\Google\Chrome\User Data\Default\Extensions\eikjfnpbaomplficjoennadfnacbmiaa =>Hijacker.TornTV^
C:\Users\pauline\AppData\Local\Temp\OB.exe =>PUP.OfferBox
C:\Users\pauline\AppData\Local\Temp\MyBabylonTB.exe =>PUP.SweetIM
C:\Users\pauline\AppData\Local\Temp\GoogleToolbarInstaller1.log =>PUP.Babylon
C:\Users\pauline\AppData\Local\Temp\Kreapixel_addonAcPro.exe =>Adware.PredictAd
C:\Users\pauline\AppData\Local\Temp\Umbrella.exe1cbc96d9 =>Adware.IMBooster
C:\Users\pauline\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js (.not file.) => Fichier absent
O4 - GS\Accessories [pauline]: Run.lnk - Clé orpheline => Orphean Key not necessary
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline => Orphean Key not necessary
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline => Orphean Key not necessary
O45 - LFCP:[MD5.799196F427F06152ED7C873473261C42] - 23/02/2014 - 22:35:59 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf => Fichier du dossier Prefetcher
O45 - LFCP:[MD5.D25FFE77DDF13EE07635E163F61D5D33] - 23/02/2014 - 23:33:00 ---A- - C:\Windows\Prefetch\DELLDOCK.EXE-07835F28.pf => Fichier du dossier Prefetcher
O45 - LFCP:[MD5.4B8CE401D72336F3B3C6241C80295EF8] - 24/02/2014 - 06:58:33 ---A- - C:\Windows\Prefetch\AVAST.SETUP-0294E3FE.pf => Fichier du dossier Prefetcher
O45 - LFCP:[MD5.2AEF3373D4FF82EA68AA0E6C91E0BE9C] - 24/02/2014 - 07:04:09 ---A- - C:\Windows\Prefetch\BUBBLES.SCR-6885EEB6.pf => Fichier du dossier Prefetcher
O45 - LFCP:[MD5.49F54D68967BEC5687619C7019F9A6E3] - 24/02/2014 - 10:31:59 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1599009366-3903722537-4000223267-1000.db => Fichier du dossier Prefetcher
O45 - LFCP:[MD5.D69171756F35C38AA736FBF61B7AA711] - 24/02/2014 - 10:31:59 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1599009366-3903722537-4000223267-1000.db => Fichier du dossier Prefetcher
O51 - MPSK:{392aac57-3881-11de-b267-001d096139a5}\AutoRun\command - Clé orpheline => Orphean Key not necessary
O61 - LFC: 21/02/2014 - 10:38:41 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\4488_18168\crl-set [1308] => Temporary file not necessary
O61 - LFC: 21/02/2014 - 10:38:41 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\4488_18168\manifest.fingerprint [12] => Temporary file not necessary
O61 - LFC: 21/02/2014 - 10:38:41 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\4488_18168\manifest.json [34] => Temporary file not necessary
O61 - LFC: 21/02/2014 - 10:38:42 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\592_13718\crl-set [783] => Temporary file not necessary
O61 - LFC: 21/02/2014 - 10:38:42 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\592_13718\manifest.fingerprint [12] => Temporary file not necessary
O61 - LFC: 21/02/2014 - 10:38:42 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\592_13718\manifest.json [34] => Temporary file not necessary
O61 - LFC: 21/02/2014 - 10:42:08 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\wmplog05.sqm [1804] => Temporary file not necessary
O61 - LFC: 22/02/2014 - 10:38:42 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\592_8920\crl-set [828] => Temporary file not necessary
O61 - LFC: 22/02/2014 - 10:38:42 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\592_8920\manifest.fingerprint [12] => Temporary file not necessary
O61 - LFC: 22/02/2014 - 10:38:42 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\592_8920\manifest.json [34] => Temporary file not necessary
O61 - LFC: 23/02/2014 - 10:38:42 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\6028_1487\crl-set [716] => Temporary file not necessary
O61 - LFC: 23/02/2014 - 10:38:42 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\6028_1487\manifest.fingerprint [12] => Temporary file not necessary
O61 - LFC: 23/02/2014 - 10:38:42 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\6028_1487\manifest.json [34] => Temporary file not necessary
O61 - LFC: 23/02/2014 - 10:38:44 --HA- . (...) -- C:\Users\pauline\AppData\Local\Temp\etilqs_DHLDIKfRZr2fpdZ [12300] => Temporary file not necessary
O61 - LFC: 23/02/2014 - 10:38:44 --HA- . (...) -- C:\Users\pauline\AppData\Local\Temp\etilqs_E4lQWUcVk7VYI6u [4] => Temporary file not necessary
O61 - LFC: 23/02/2014 - 10:38:45 --HA- . (...) -- C:\Users\pauline\AppData\Local\Temp\etilqs_LIHCaaijaAZ7arL [4100] => Temporary file not necessary
O61 - LFC: 23/02/2014 - 10:38:45 --HA- . (...) -- C:\Users\pauline\AppData\Local\Temp\etilqs_lFCVJwc5bNcpX99 [20500] => Temporary file not necessary
O61 - LFC: 23/02/2014 - 10:39:04 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\pauline.bmp [31832] => Temporary file not necessary
O61 - LFC: 24/02/2014 - 10:38:40 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\2676_25020\crl-set [547] => Temporary file not necessary
O61 - LFC: 24/02/2014 - 10:38:40 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\2676_25020\manifest.fingerprint [12] => Temporary file not necessary
O61 - LFC: 24/02/2014 - 10:38:40 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\2676_25020\manifest.json [34] => Temporary file not necessary
O61 - LFC: 24/02/2014 - 10:38:41 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\4828_11339\crl-set [564] => Temporary file not necessary
O61 - LFC: 24/02/2014 - 10:38:41 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\4828_11339\manifest.fingerprint [12] => Temporary file not necessary
O61 - LFC: 24/02/2014 - 10:38:41 ---A- . (...) -- C:\Users\pauline\AppData\Local\Temp\4828_11339\manifest.json [34] => Temporary file not necessary
O87 - FAEL: "{AF28F0E0-DACA-482B-83DD-8705EC3AE3C2}" |In - Private - P6 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.) => Fichier absent
O87 - FAEL: "{2143D0DC-8ABD-4BA6-BEB5-B6CA589CB60C}" |In - Private - P17 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.) => Fichier absent
O87 - FAEL: "TCP Query User{DBC4EC7E-1C82-4480-95DB-3989955D7130}C:\program files\distens\lecteurdistens.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\distens\lecteurdistens.exe (.not file.) => Fichier absent
O87 - FAEL: "UDP Query User{667C85A2-81C2-4C31-9A4C-03D928EEA896}C:\program files\distens\lecteurdistens.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\distens\lecteurdistens.exe (.not file.) => Fichier absent
ShortcutFix
FirewallRaz
Emptytemp
SysRestore