Script ZHPFix O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {BC5F0435-BB76-46AE-A070-ED6A9ED01D79} =>Adware.IMBooster O43 - CFD: 22/01/2014 - 16:18:10 - [0] ----D C:\Users\User\AppData\Local\Software O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch O90 - PUC: "5340F5CB67BBEA640A07DEA6E90DD197" . (.Iminent.) -- C:\Windows\Installer\{BC5F0435-BB76-46AE-A070-ED6A9ED01D79}\imbooster.ico =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BC5F0435-BB76-46AE-A070-ED6A9ED01D79}] =>Adware.IMBooster^ [HKLM\Software\Classes\Installer\Features\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster [HKLM\Software\Classes\Installer\Products\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Installer\Features\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Installer\Products\5340F5CB67BBEA640A07DEA6E90DD197] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BC5F0435-BB76-46AE-A070-ED6A9ED01D79}] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ C:\Users\User\AppData\Local\Software =>Adware.Boxore Malware (16) O4 - HKLM\..\Wow6432Node\Run: [LanguageShortcut] . (.Pas de propriétaire - Language Application.) -- C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe Inutile (1) R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr O4 - GS\Desktop [Public]: Choix de navigateur .lnk . (.Microsoft Corporation - Choix de navigateur .) -- C:\Windows\System32\browserchoice.exe O4 - GS\QuickLaunch [User]: IncrediMail 2.0.lnk . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe O4 - GS\QuickLaunch [User]: My LastPass Vault.lnk - Clé orpheline O4 - GS\Accessories [User]: Run.lnk - Clé orpheline [MD5.00000000000000000000000000000000] [APT] [{3E07350B-7880-4A61-9B5E-F0E741E09859}] (...) -- C:\Users\User\Downloads\Works632_fr-FR.msi" (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{46CF62B4-D72F-44B8-B501-9F1C970FAAC7}] (...) -- C:\Users\User\Mes images\Silverlight.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{6BA4B77F-9613-45FE-ADC2-D2E81570A1A2}] (...) -- C:\Users\User\Downloads\Setup lexmark.exe (.not file.) [0] [MD5.4D651B52402D1C3F43F46E22E5B11830] [APT] [{758268BB-3F29-482C-AB42-6BA13963B384}] (...) -- C:\Program Files (x86)\IncrediMail\Bin\ImSetup.exe [121408] [MD5.00000000000000000000000000000000] [APT] [{90DE59E1-DB0F-4083-94B2-7DA8A97AFD4F}] (...) -- C:\Users\User\Downloads\Silverlight.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{FF65BB16-346B-45BF-B7BB-4F4EE1E548EE}] (...) -- D:\Display_menu.exe (.not file.) [0] O41 - Driver: (aswTdi) . (. - .) - C:\Windows\system32\drivers\aswTdi.sys (.not file.) O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM][64Bits] -- {2CF22C94-1369-4C04-9A5F-A4BC6D91B508} O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM][64Bits] -- IncrediMail O42 - Logiciel: Photo Notifier and Animation Creator - (.IncrediMail Ltd..) [HKLM][64Bits] -- Photo Notifier and Animation Creator [HKCU\Software\IncrediMail] O43 - CFD: 22/01/2014 - 16:08:51 - [26,266] ----D C:\Program Files (x86)\IncrediMail O43 - CFD: 22/01/2014 - 16:09:44 - [0] ----D C:\ProgramData\IM O43 - CFD: 22/01/2014 - 16:09:44 - [6,721] ----D C:\ProgramData\IncrediMail O43 - CFD: 22/01/2014 - 16:17:35 - [66,200] ----D C:\Users\User\AppData\Local\IM O44 - LFC:[MD5.C2C5CB3DFA948485CDEC97899E5D796B] - 22/01/2014 - 15:12:08 ---A- . (...) -- C:\lxdj.log [2111] O44 - LFC:[MD5.9F848D6117240463D2E7D40A6008122E] - 22/01/2014 - 15:44:31 ---A- . (...) -- C:\Windows\WindowsUpdate (1).log [2038376] O44 - LFC:[MD5.FF117A7C810D1338DEC7A02AC08D4FFC] - 22/01/2014 - 16:05:32 ---A- . (...) -- C:\Windows\TSSysprep.log [1355] O44 - LFC:[MD5.B63F0EC19DDA41F86C2B4577381E40BB] - 22/01/2014 - 16:21:14 ---A- . (...) -- C:\Windows\DtcInstall.log [5157] O44 - LFC:[MD5.E057D442F151D36B7D3002F7462D75B0] - 22/01/2014 - 16:28:28 ---A- . (...) -- C:\Windows\comsetup.log [6161] O44 - LFC:[MD5.A340163A0E7C565751E6EC645C4081F8] - 22/01/2014 - 17:15:16 ---A- . (...) -- C:\Windows\IE9_main.log [4135] O44 - LFC:[MD5.85D6E8F735865B502D65D1D91A79E3F3] - 22/01/2014 - 17:58:25 ---A- . (.Microsoft Corporation - Choix de navigateur .) -- C:\Windows\System32\browserchoice.exe [294912] O44 - LFC:[MD5.71A237DCB0D808AC46657FADEA86E84B] - 22/01/2014 - 22:32:50 ---A- . (...) -- C:\Windows\IE10_main.log [21423] O44 - LFC:[MD5.14F984AF9FE4EA0346831556F2E3EC5E] - 22/01/2014 - 23:15:10 ---A- . (...) -- C:\Windows\IE11_main.log [21407] O45 - LFCP:[MD5.598D6C6C7667D3322AC6CA9DD64DF55E] - 22/01/2014 - 16:03:48 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.5AD4AA393E779BD6ADA334A3636C6CD7] - 22/01/2014 - 16:21:13 ---A- - C:\Windows\Prefetch\MCSPAD.EXE-EB3B9AB4.pf O45 - LFCP:[MD5.758967236B1BA48DEC076731630ED966] - 22/01/2014 - 16:24:12 ---A- - C:\Windows\Prefetch\UPGHOST.EXE-678E2D0F.pf O45 - LFCP:[MD5.3FA49282E286873CE5CD2434601383E1] - 22/01/2014 - 16:40:56 ---A- - C:\Windows\Prefetch\NETFXREPAIR.EXE-942AD46D.pf O45 - LFCP:[MD5.8B7DA9DAC700A44264731E6D1FC1B7CD] - 22/01/2014 - 16:40:57 ---A- - C:\Windows\Prefetch\SETUP.EXE-82D33FDD.pf O45 - LFCP:[MD5.D5DCA8D6208F821F947D088A13F16465] - 22/01/2014 - 16:41:20 ---A- - C:\Windows\Prefetch\WUAPP64.EXE-3C549E5D.pf O45 - LFCP:[MD5.3BA0E6B1DFAD8A9FD587435457D37B35] - 22/01/2014 - 16:41:21 ---A- - C:\Windows\Prefetch\NEWDEV.EXE-B79B8DE5.pf O45 - LFCP:[MD5.690C9161EEA71F92F3610D09C87663A0] - 22/01/2014 - 16:46:07 ---A- - C:\Windows\Prefetch\WUSETUPV.EXE-C61614F3.pf O45 - LFCP:[MD5.B91917EB0F086C5761B5B5AE2FFE69E2] - 22/01/2014 - 16:49:48 ---A- - C:\Windows\Prefetch\ASPNET_REGIIS.EXE-75651A3C.pf O45 - LFCP:[MD5.E24A7466C4E70180630DB2EFA7A685AF] - 22/01/2014 - 19:02:42 ---A- - C:\Windows\Prefetch\P2PHOST.EXE-F7104010.pf O45 - LFCP:[MD5.82B0E33089358A7219B03C837BD39908] - 22/01/2014 - 23:22:20 ---A- - C:\Windows\Prefetch\MEDIACENTER.EXE-7E199886.pf O45 - LFCP:[MD5.631C50F33945FBC29CBCC2831C6FA363] - 23/01/2014 - 09:43:46 ---A- - C:\Windows\Prefetch\HKCMD.EXE-AE1DFF3B.pf O45 - LFCP:[MD5.EF9B70DE82705112532DC2AE8C6F4B17] - 23/01/2014 - 09:44:11 ---A- - C:\Windows\Prefetch\CNSLMAIN.EXE-45AEDFDB.pf O45 - LFCP:[MD5.C188100A26D983EF7D2BD03350993CE6] - 23/01/2014 - 09:44:14 ---A- - C:\Windows\Prefetch\WRTMON.EXE-33FB9300.pf O45 - LFCP:[MD5.EDC316DB99C432446F8C3FF52F52B93A] - 27/01/2014 - 11:54:00 ---A- - C:\Windows\Prefetch\MEDIACENTER.EXE-80BAE6E7.pf O45 - LFCP:[MD5.9EA9ACCBC1C7A945FC240A82B90F8DB4] - 27/01/2014 - 11:54:12 ---A- - C:\Windows\Prefetch\LPUNINSTALL.EXE-37AC4923.pf O45 - LFCP:[MD5.A6BBD822CE5890207187D40201FAFF64] - 27/01/2014 - 20:11:52 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1371416811-3262912710-2059245049-1000.db O45 - LFCP:[MD5.9CF3C21B3E30CF390AFEE752044083EC] - 27/01/2014 - 20:12:03 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1371416811-3262912710-2059245049-1000.db O45 - LFCP:[MD5.30DA5C7F525DD2417D70757A7C328335] - 27/01/2014 - 22:30:15 ---A- - C:\Windows\Prefetch\WRTPROC.EXE-51817D72.pf O45 - LFCP:[MD5.4344BB4CDE7A94E4E4FA4575D886EC7E] - 28/01/2014 - 10:22:03 ---A- - C:\Windows\Prefetch\HTTPD.EXE-DC628125.pf O45 - LFCP:[MD5.C710204112A6F32F1B3248DC9FB41677] - 28/01/2014 - 10:23:54 ---A- - C:\Windows\Prefetch\LWS.EXE-ADF1B8CA.pf O45 - LFCP:[MD5.6D82B81A2B802F5A111FF1EC020B2073] - 28/01/2014 - 10:25:11 ---A- - C:\Windows\Prefetch\SSBKGDUPDATE.EXE-5DA0A56F.pf O45 - LFCP:[MD5.CFC88E824B1AD133DF1A96ECB1F61E80] - 28/01/2014 - 10:25:18 ---A- - C:\Windows\Prefetch\OPWARESE4.EXE-DB968F18.pf O45 - LFCP:[MD5.A35204A9424B40E1553970C4AC399A60] - 28/01/2014 - 10:25:20 ---A- - C:\Windows\Prefetch\PDVDSERV.EXE-6B2057E9.pf O61 - LFC: 28/01/2014 - 11:25:58 ---A- . (...) -- C:\Users\User\AppData\Local\Temp\LWSDebugOut.txt [25458] [MD5.3DF9C822FFD4245403113A555A27357F] [SPRF][12/01/2014] (...) -- C:\Users\User\AppData\Local\Temp\Quarantine.exe [360073] O87 - FAEL: "{0404BE86-0558-4FE2-AC49-F6B707F364E3}" |In - Domain - P17 - FALSE | .(...) -- D:\Rosetta Stone v3 [Windows] [byELDI]\daemon4301-lite.exe (.not file.) O87 - FAEL: "{DF4AF1BA-C87C-44D7-AB37-B692464C04F6}" |In - Domain - P6 - FALSE | .(...) -- D:\Rosetta Stone v3 [Windows] [byELDI]\daemon4301-lite.exe (.not file.) O87 - FAEL: "{3CC95493-CB8E-416D-A851-3734427E84E2}" |In - Private - P17 - TRUE | .(...) -- D:\Rosetta Stone v3 [Windows] [byELDI]\daemon4301-lite.exe (.not file.) O87 - FAEL: "{15A5B89C-D79E-4B94-ADE9-FCA15BF1ED1E}" |In - Private - P6 - TRUE | .(...) -- D:\Rosetta Stone v3 [Windows] [byELDI]\daemon4301-lite.exe (.not file.) O87 - FAEL: "{C1F2D040-C2C9-495F-9842-0820E031414A}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe O87 - FAEL: "{B5B136D3-66B0-45EF-B348-2122A4A4983A}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe O87 - FAEL: "{56339C24-600D-4CF6-B3DF-A450493F77D2}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe O87 - FAEL: "{F9F39D85-0306-48DD-8996-5D33CAB7673B}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Content Importer.) -- C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe O87 - FAEL: "{AB4C9CBC-191C-4FEE-AEEF-675B5BA30993}" | In - Private - P17 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe O87 - FAEL: "{991DCFD9-ACAD-476A-A127-68E6ED127A1D}" | In - Private - P6 - FALSE | .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe O90 - PUC: "49C22FC2963140C4A9F54ACBD6195B80" . (.IncrediMail.) -- C:\Windows\Installer\{2CF22C94-1369-4C04-9A5F-A4BC6D91B508}\ARPPRODUCTICON.exe [MD5.64FA0389539DFDB132C90A87273B1139] [WIS][05/01/2013] (.IncrediMail - IncrediMail.) -- C:\Windows\Installer\99b6f2.msi [2836992] Superflu (67) O51 - MPSK:{8bc490de-1c5e-11e1-9bb1-806e6f6e6963}\AutoRun\command. (...) -- D:\Setup.exe (.not file.) Variable, suspect O43 - CFD: 22/01/2014 - 16:09:49 - [0] ----D C:\ProgramData\McAfee Trace vieux AV O2 - BHO: LastPass Vault [64Bits] - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} . (.LastPass - LastPass Toolbar.) -- C:\Program Files (x86)\LastPass\LPToolbar.dll =>Toolbar.LastPass O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline O3 - Toolbar: LastPass Toolbar - [HKLM]{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} . (.LastPass - LastPass Toolbar.) -- C:\Program Files (x86)\LastPass\LPToolbar_x64.dll =>Toolbar.LastPass O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline O9 - Extra button: LastPass [64Bits] - {43699cd0-e34f-11de-8a39-0800200c9a66} . (.LastPass - LastPass Toolbar.) -- C:\Program Files (x86)\LastPass\LPToolbar_x64.dll =>Toolbar.LastPass [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}] =>Toolbar.LastPass^ [HKLM\Software\Classes\Interface\{D6094FC6-821F-474C-8D73-C13066CD178D}] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Interface\{D6094FC6-821F-474C-8D73-C13066CD178D}] =>Toolbar.Agent [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} =>Toolbar.LastPass^ Toolbar (9) [MD5.00000000000000000000000000000000] [APT] [{3503B0E1-3B46-4E6A-824B-0C1ED30CEF07}] (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (.not file.) [0] C:\Program Files (x86)\OpenOffice.org 3 Trace vieil OpenOffice ShortcutFix EmptyTemp EmptyFlash EmptyCLSID FirewallRaz