cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R3 - URLSearchHook: (no name) [64Bits] - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
O2 - BHO: (no name) [64Bits] - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} Cl� orpheline
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_173] Cl� orpheline =>Adware.FreeSoftToday
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_170] Cl� orpheline =>Adware.FreeSoftToday
O4 - HKLM\..\Wow6432Node\Run: [stv_fr_4] Cl� orpheline =>PUP.Eorezo
O23 - Service: nuttkoqiez64 (nuttkoqiez64) . (...) - C:\Program Files\003\nuttkoqiez64.exe =>PUP.AdPeak
O23 - Service: Update ScanTack (Update ScanTack) . (...) - C:\Program Files (x86)\ScanTack\updateScanTack.exe (.not file.)
O42 - Logiciel: Price Meter (remove only) - (.Price Meter.) [HKCU][64Bits] -- Price Meter =>PUP.PriceMeter
O42 - Logiciel: SupraSavings - (.SupraSavings.) [HKLM][64Bits] -- {E6B105B8-1F65-4428-9397-1DFD8A03B94D} =>PUP.SupraSavings
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\BlockAndSurf] =>PUP.BlockAndSurf
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Rr Savings] =>PUP.SupraSavings
[HKCU\Software\AppDataLow\Software\ViewPassword] =>PUP.ViewPassword
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\Genesis] =>PUP.Genesis
[HKCU\Software\TutoTag] =>AgenceExclusive
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
[HKLM\Software\Rr Savings] =>PUP.SupraSavings
[HKLM\Software\Wow6432Node\AGENCE-EXCLUSIVE] =>PUP.AgenceExcusive
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\MediaWatchV1] =>PUP.MediaWatch
[HKLM\Software\Wow6432Node\Tutorials] =>AgenceExclusive
[HKLM\Software\Wow6432Node\free_soft_today] =>Adware.FreeSoftToday
[HKLM\Software\Wow6432Node\webssearchesSoftware] =>Hijacker.WebsSearches
[HKLM\Software\suprasavings] =>PUP.SupraSavings
O43 - CFD: 05/05/2014 - 08:41:15 - [0] ----D C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster
O43 - CFD: 07/06/2013 - 18:48:02 - [] ----D C:\Users\alexandra\AppData\Roaming\337 Wallpaper =>Hijacker.22Find
O43 - CFD: 04/05/2014 - 17:55:34 - [0] ----D C:\Users\alexandra\AppData\Roaming\Activeris =>PUP.Activeris
O43 - CFD: 05/05/2014 - 08:36:52 - [] ----D C:\Users\alexandra\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
O43 - CFD: 05/05/2014 - 08:36:59 - [] ----D C:\Users\alexandra\AppData\Roaming\IminentToolbar =>Adware.IMBooster
O43 - CFD: 04/05/2014 - 20:09:42 - [] ----D C:\Users\alexandra\AppData\Roaming\webssearches =>Hijacker.WebsSearches
O43 - CFD: 05/05/2014 - 08:41:04 - [0] ----D C:\Users\alexandra\AppData\Local\Genesis =>PUP.Genesis
O44 - LFC:[MD5.385D6438CE0D3DB25705F907D3019920] - 04/05/2014 - 17:04:53 ---A- . (.Systweak Inc., (www.systweak.com) - Regclean Pro.) -- C:\Windows\System32\roboot64.exe [18816] =>Rogue.RegistryPowerCleaner
O45 - LFCP:[MD5.43D5B2165EC0B54760278FF61530A451] - 04/05/2014 - 16:48:37 ---A- - C:\Windows\Prefetch\AMSETUP_ACTIVERIS_DEFAULT_010-465548A2.pf =>PUP.Activeris
O45 - LFCP:[MD5.8BCD9BA7B8660CC6566669C91FD75D4E] - 04/05/2014 - 17:03:48 ---A- - C:\Windows\Prefetch\ANYPROTECTSCANNERSETUP.EXE-9B5F8178.pf =>PUP.AnyProtect
O45 - LFCP:[MD5.AE2F257B1F737C0CE7BED576931FCBF7] - 25/02/2014 - 04:27:36 ---A- - C:\Windows\Prefetch\BICLIENT.EXE-3572E3BD.pf =>Adware.MegaSearch
O45 - LFCP:[MD5.B430F80D737223ABCB4F6CD2E77BD20D] - 04/05/2014 - 17:05:56 ---A- - C:\Windows\Prefetch\BLOCKANDSURFP72.EXE-01EAB459.pf =>PUP.BlockAndSurf
O45 - LFCP:[MD5.EAA447D1A47C8467B2A736CA33C4D94E] - 04/05/2014 - 16:47:32 ---A- - C:\Windows\Prefetch\FREESOFTTODAY.TMP-D36E5303.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.0A9536A5739D9CEB9DE3E184E759F919] - 05/05/2014 - 07:41:04 ---A- - C:\Windows\Prefetch\GENESIS.EXE-0806E009.pf =>PUP.Genesis
O45 - LFCP:[MD5.A8289519FD64E1C503EC71B7AD9F90AB] - 05/05/2014 - 07:36:31 ---A- - C:\Windows\Prefetch\GENESISINSTALLER.EXE-59BD6EBA.pf =>PUP.Genesis
O45 - LFCP:[MD5.40DC0BB04E0B767B9F87D7DACE302462] - 05/05/2014 - 07:38:39 ---A- - C:\Windows\Prefetch\GENESISINSTALLER.EXE-B573BC34.pf =>PUP.Genesis
O45 - LFCP:[MD5.7C1497E4A68F68E7E3F7487090AD9926] - 05/05/2014 - 07:39:05 ---A- - C:\Windows\Prefetch\IMINENT4FFX.EXE-5B2EE94F.pf =>Adware.IMBooster
O45 - LFCP:[MD5.67DB26185A28500C319740DD3687363B] - 05/05/2014 - 07:39:05 ---A- - C:\Windows\Prefetch\IMINENT4IE.EXE-4EB8BC21.pf =>Adware.IMBooster
O45 - LFCP:[MD5.35E791E2C4DAB798D80DC8BFD03266B1] - 05/05/2014 - 07:39:02 ---A- - C:\Windows\Prefetch\IMINENTMINIBARIE.EXE-3D2AC70F.pf =>PUP.Minibar
O45 - LFCP:[MD5.F893E4FDADCC8926C435DCC0DEBB0783] - 05/05/2014 - 07:41:15 ---A- - C:\Windows\Prefetch\IMINENTSRV.EXE-9ECA5E9D.pf =>Adware.IMBooster
O45 - LFCP:[MD5.42F84C4B3A3D51BA7AF821A0C27605A5] - 05/05/2014 - 07:39:09 ---A- - C:\Windows\Prefetch\IMINENTTOOLBAR.EXE-F15AA9CE.pf =>Adware.IMBooster
O45 - LFCP:[MD5.3CF7055D0821B67D278EB8F0F3C3C11A] - 05/05/2014 - 07:41:17 ---A- - C:\Windows\Prefetch\IMINENTUNINSTALL.EXE-9087B9EC.pf =>Adware.IMBooster
O45 - LFCP:[MD5.094FD50E70C9D3043DC17149AC71AD35] - 05/05/2014 - 07:38:39 ---A- - C:\Windows\Prefetch\IMINENT_1712-B2FCAD5E.EXE-11C88EA3.pf =>Adware.IMBooster
O45 - LFCP:[MD5.F0DE195C9571CD6E890FF185D51A0923] - 05/05/2014 - 07:36:26 ---A- - C:\Windows\Prefetch\IMINENT_1712-B2FCAD5E.EXE-79DD8C79.pf =>Adware.IMBooster
O45 - LFCP:[MD5.D55D0D9395F7B5140B5431E477F8A2D2] - 05/05/2014 - 07:39:01 ---A- - C:\Windows\Prefetch\MINIBARCHROME.EXE-1A227E13.pf =>PUP.Minibar
O45 - LFCP:[MD5.F81EBD704CAA9D87D2E0A7B7B9BD7AA1] - 05/05/2014 - 07:38:58 ---A- - C:\Windows\Prefetch\MINIBARFIREFOX.EXE-13B02DDC.pf =>PUP.Minibar
O45 - LFCP:[MD5.FD8DACD18DADF0D99691FB3585184B6E] - 05/05/2014 - 07:39:19 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-80CD39EC.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.6498086DAA88A78126B1DEA53B85EAD6] - 05/05/2014 - 07:37:23 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-97D1E332.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.ADDD0B6D64A00B99A65F5B665DD3CE16] - 05/05/2014 - 07:37:43 ---A- - C:\Windows\Prefetch\OPTPROSTART.EXE-65F7E6B1.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.9B4AA0B090C63E63F04DB4B85DCC8855] - 04/05/2014 - 17:26:41 ---A- - C:\Windows\Prefetch\PACKAGE_STARTERTV_INSTALLER_M-AE72C313.pf =>Adware.StarterTV
O45 - LFCP:[MD5.428D0D8991DC829E65CD28ABE9981206] - 04/05/2014 - 17:14:48 ---A- - C:\Windows\Prefetch\PACKAGE_STARTERTV_INSTALLER_M-CABC7D56.pf =>Adware.StarterTV
O45 - LFCP:[MD5.DAFEC59B7E28CB2BCA398E1B5AE86FAA] - 04/05/2014 - 17:14:49 ---A- - C:\Windows\Prefetch\SETUP_AGEX_STARTERTV_FR_20.TM-378C7B5B.pf =>Adware.StarterTV
O45 - LFCP:[MD5.C0DE3956AF969F10B73215525BB7FD5C] - 04/05/2014 - 17:26:41 ---A- - C:\Windows\Prefetch\SETUP_AGEX_STARTERTV_FR_20.TM-B45AE19B.pf =>Adware.StarterTV
O45 - LFCP:[MD5.9CC896703445B5F2D41616900AEC7153] - 04/05/2014 - 16:48:37 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-7A541F0F.pf =>PUP.SpeedUpMyPC
O45 - LFCP:[MD5.6C416D6B389594792BDE5E20F11738AA] - 04/05/2014 - 16:47:18 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.TMP-D30AB7EA.pf =>PUP.SpeedUpMyPC
O45 - LFCP:[MD5.7A54BC4D98D1FA9FF1AC111B2E6B21E6] - 25/02/2014 - 23:33:32 ---A- - C:\Windows\Prefetch\SURFTASTICSETUP.EXE-A1722A38.pf =>Adware.Surftastic
O45 - LFCP:[MD5.F5B2DC0BC8EB4B56FA301F722B1B2D15] - 04/05/2014 - 17:08:41 ---A- - C:\Windows\Prefetch\UPFST_FR_170.EXE-AF4CE944.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.4125A3A3D6CB586F8FE7FD34B27AAED2] - 04/05/2014 - 17:04:26 ---A- - C:\Windows\Prefetch\UPFST_FR_173.EXE-46C71AEA.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.2DA55E7B010A83EAD5005F333C57081A] - 04/05/2014 - 17:35:34 ---A- - C:\Windows\Prefetch\UPSTV_FR_4.EXE-0792ACFC.pf =>PUP.Eorezo
O45 - LFCP:[MD5.55FEDD67DDD5F3DBEB48F1CA669A47A5] - 05/05/2014 - 07:36:29 ---A- - C:\Windows\Prefetch\VIEWPASSWORDFIX.EXE-B859FE6F.pf =>PUP.ViewPassword
O45 - LFCP:[MD5.0C3A48CECE5BD319E9D5B6A281893E65] - 05/05/2014 - 07:37:56 ---A- - C:\Windows\Prefetch\VIEWPASSWORDFIX161.EXE-4FFA931F.pf =>PUP.ViewPassword
O45 - LFCP:[MD5.F256150BC8AD1ADDC39582CAC37959C0] - 05/05/2014 - 07:37:10 ---A- - C:\Windows\Prefetch\VIEWPASSWORDFIXQNW.EXE-D160C735.pf =>PUP.ViewPassword
O45 - LFCP:[MD5.135F8CAB4B18386B4A4E9ECF532901AD] - 05/05/2014 - 07:38:32 ---A- - C:\Windows\Prefetch\VIEWPASSWORD_1030-8002_P.EXE-963BDD03.pf =>PUP.ViewPassword
O45 - LFCP:[MD5.387C85A0DFC00E9958F7785A571C3506] - 05/05/2014 - 07:36:29 ---A- - C:\Windows\Prefetch\VIEWPASSWORD_1030-8002_P.EXE-BBF06A09.pf =>PUP.ViewPassword
O45 - LFCP:[MD5.7B00F94022EA8A64A63D3A8F80E3179A] - 04/05/2014 - 16:47:18 ---A- - C:\Windows\Prefetch\VOPACKAGE.EXE-695A1678.pf =>Adware.Downware
O45 - LFCP:[MD5.2E32EF6D49461D76FA70700F6AEE4A42] - 05/05/2014 - 07:39:25 ---A- - C:\Windows\Prefetch\WAJAMINTERNETENHANCER.EXE-7CCC0C89.pf =>PUP.Wajam
O45 - LFCP:[MD5.BA89AE4402219C63FF89B10B97DD317E] - 05/05/2014 - 07:42:53 ---A- - C:\Windows\Prefetch\WAJAMINTERNETENHANCERSERVICE.-85203576.pf =>PUP.Wajam
O45 - LFCP:[MD5.51B05B74CBA4A6E6B96ABD5190F96077] - 05/05/2014 - 07:38:44 ---A- - C:\Windows\Prefetch\WAJAM_2207-6C14163C.EXE-373F497A.pf =>PUP.Wajam
O45 - LFCP:[MD5.0B10360661ACF1C81BC5E5FB2DA2A9C7] - 05/05/2014 - 07:36:33 ---A- - C:\Windows\Prefetch\WAJAM_2207-6C14163C.EXE-875FB4B0.pf =>PUP.Wajam
O45 - LFCP:[MD5.9DF172D8815391C9F45DB9D98419DB2C] - 05/05/2014 - 07:39:09 ---A- - C:\Windows\Prefetch\WAJAM_INSTALL.EXE-B4C8656F.pf =>PUP.Wajam
O50 - IFEO:Image File Execution Options - DatamngrCoordinator.exe - tasklist.exe =>PUP.Datamngr
O58 - SDL:18/03/2014 - 15:12:04 ---A- . (.SecureAssist - WFP driver.) -- C:\Windows\System32\Drivers\SAWFP64.sys [41768] =>PUP.SupraSavings
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\amsetup_activeris_default_010414_installer.exe [4831488] =>PUP.Activeris
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (.Fytrzaxghtej.) -- C:\Users\alexandra\AppData\Local\Temp\mediaplayerpluuss.exe [7067024] =>PUP.CrossRider
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (.Sokgco.) -- C:\Users\alexandra\AppData\Local\Temp\freeven-pr2.exe [7033408] =>PUP.Freeven
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (.Uniblue Systems Limited.) -- C:\Users\alexandra\AppData\Local\Temp\is-GFNJC.tmp\SpeedUpMyPC-standalone-setup.exe [19160632] =>PUP.SpeedUpMyPC
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (.Wish Application.) -- C:\Users\alexandra\AppData\Local\Temp\lly_webssearches .exe [611480] =>Hijacker.WebsSearches
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (.free_soft_today.) -- C:\Users\alexandra\AppData\Local\Temp\freesofttoday.exe [3282640] =>Adware.FreeSoftToday
O61 - LFC: 04/05/2014 - 10:32:35 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\vopackage.exe [296161] =>Adware.Downware
O61 - LFC: 04/05/2014 - 10:32:35 ---A- . (.Uniblue Systems Limited.) -- C:\Users\alexandra\AppData\Local\Temp\speedupmypc.exe [1278496] =>PUP.SpeedUpMyPC
O61 - LFC: 04/05/2014 - 10:32:41 ---A- . (...) -- C:\Users\alexandra\Downloads\alloplayer.exe [795984] =>PUP.Alloplayer
O61 - LFC: 05/05/2014 - 10:32:20 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Microsoft\Windows\INetCache\IE\7LV1D0UL\IminentMinibarIE[1].exe [1062760] =>PUP.Minibar
O61 - LFC: 05/05/2014 - 10:32:20 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Microsoft\Windows\INetCache\IE\NKYEIDTD\MinibarFirefox[1].exe [1135024] =>PUP.Minibar
O61 - LFC: 05/05/2014 - 10:32:20 ---A- . (.IminentToolbar.) -- C:\Users\alexandra\AppData\Local\Microsoft\Windows\INetCache\IE\XNHR5RCX\IMinentToolbar[1].exe [2147160] =>Adware.IMBooster
O61 - LFC: 05/05/2014 - 10:32:20 ---A- . (.Sien SA.) -- C:\Users\alexandra\AppData\Local\Microsoft\Windows\INetCache\IE\XNHR5RCX\MinibarChrome[1].exe [869184] =>PUP.Minibar
O61 - LFC: 05/05/2014 - 10:32:34 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\n634\GenesisInstaller.exe [2620928] =>PUP.Genesis
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\n634\OptimizerPro.exe [6872592] =>PUP.OptimizerPro
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\n634\ViewPassword_1030-8002_P.exe [1388861] =>PUP.ViewPassword
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\n634\wajam_2207-6c14163c.exe [55363] =>PUP.Wajam
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\n636\GenesisInstaller.exe [2620928] =>PUP.Genesis
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\n636\OptimizerPro.exe [6872592] =>PUP.OptimizerPro
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\n636\ViewPassword_1030-8002_P.exe [1388861] =>PUP.ViewPassword
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\n636\wajam_2207-6c14163c.exe [55363] =>PUP.Wajam
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (.SIEN.) -- C:\Users\alexandra\AppData\Local\Temp\n634\Iminent_1712-b2fcad5e.exe [2167160] =>Adware.IMBooster
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (.SIEN.) -- C:\Users\alexandra\AppData\Local\Temp\n636\Iminent_1712-b2fcad5e.exe [2167160] =>Adware.IMBooster
O61 - LFC: 05/05/2014 - 10:32:36 ---A- . (.Sien SA.) -- C:\Users\alexandra\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\minibarchrome.exe [869184] =>PUP.Minibar
O61 - LFC: 29/04/2014 - 10:32:34 ---A- . (.Tuto4pc.) -- C:\Users\alexandra\AppData\Local\Temp\is-BJ8M0.tmp\package_plushd_installer_multilang.exe [401616] =>PUP.AgenceExclusive
O61 - LFC: 30/04/2014 - 10:32:07 ---A- . (.AnyProtect.com.) -- C:\Users\alexandra\AppData\Local\AnyProtectScannerSetup.exe [1728322] =>PUP.AnyProtect
O61 - LFC: 30/04/2014 - 10:32:34 ----- . (.AnyProtect.com.) -- C:\Users\alexandra\AppData\Local\Temp\is45637729\213909_stp\AnyProtectScannerSetup.exe [1728322] =>PUP.AnyProtect
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O90 - PUC: "8B501B6E56F182443979D1DFA8309BD4" . (.SupraSavings.) -- c:\WINDOWS\Installer\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}\icon64.ico =>PUP.SupraSavings
O90 - PUC: "BD04C21DD7DC68D42958E5F22E63394E" . (.SupraSavings.) -- c:\WINDOWS\Installer\{D12C40DB-CD7D-4D86-9285-5E2FE23693E4}\icon64.ico =>PUP.SupraSavings
[MD5.9D0767859EE938C0C4FAC30693109843] [WIS][28/03/2014] (.SupraSavings - SupraSavings.) -- C:\Windows\Installer\83c182.msi [3162112] =>PUP.SupraSavings
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASAPI32 =>Hijacker.Eazel
HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASMANCS =>Hijacker.Eazel
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Surftastic_RASAPI32 =>Adware.Surftastic
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Surftastic_RASMANCS =>Adware.Surftastic
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateMegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateMegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateSurftastic_RASAPI32 =>Adware.Surftastic
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateSurftastic_RASMANCS =>Adware.Surftastic
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilMegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilMegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilSurftastic_RASAPI32 =>Adware.Surftastic
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilSurftastic_RASMANCS =>Adware.Surftastic
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Wajam
SS - | Auto 10/07/1658 0 | (Update ScanTack) . (...) - C:\Program Files (x86)\ScanTack\updateScanTack.exe
SR - | Auto 28/03/2014 706560 | (nuttkoqiez64) . (...) - C:\Program Files\003\nuttkoqiez64.exe =>PUP.AdPeak
[HKLM\SYSTEM\CurrentControlSet\Services\nuttkoqiez64] =>PUP.AdPeak^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Meter] =>PUP.PriceMeter^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}] =>PUP.SupraSavings^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Agence-Exclusive] =>Spyware.AgenceExclusive
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKLM\Software\Classes\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent] =>Adware.IMBooster
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_173 =>Adware.FreeSoftToday^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{84FF7BD6-B47F-46F8-9130-01B2696B36CB} =>Adware.IMBooster
C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster^
C:\Users\alexandra\AppData\Roaming\337 Wallpaper =>Hijacker.22Find^
C:\Users\alexandra\AppData\Roaming\Activeris =>PUP.Activeris^
C:\Users\alexandra\AppData\Roaming\IminentToolbar =>Adware.IMBooster^
C:\Users\alexandra\AppData\Roaming\webssearches =>Hijacker.WebsSearches^
C:\Users\alexandra\AppData\Local\Genesis =>PUP.Genesis^
C:\Users\alexandra\AppData\Local\Temp\Iminent =>Adware.IMBooster
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\AppDataLow\Software\BlockAndSurf] =>PUP.BlockAndSurf^
[HKCU\Software\AppDataLow\Software\Rr Savings] =>PUP.SupraSavings^
[HKCU\Software\AppDataLow\Software\ViewPassword] =>PUP.ViewPassword^
[HKCU\Software\Genesis] =>PUP.Genesis^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
[HKLM\Software\Rr Savings] =>PUP.SupraSavings^
[HKLM\Software\Wow6432Node\AGENCE-EXCLUSIVE] =>PUP.AgenceExcusive^
[HKLM\Software\Wow6432Node\MediaWatchV1] =>PUP.MediaWatch^
[HKLM\Software\Wow6432Node\free_soft_today] =>Adware.FreeSoftToday^
[HKLM\Software\Wow6432Node\webssearchesSoftware] =>Hijacker.WebsSearches^
[HKLM\Software\suprasavings] =>PUP.SupraSavings^
C:\Windows\Installer\83c182.msi =>PUP.SupraSavings^
[HKCU\Software\MGinstall]
[HKLM\Software\Wow6432Node\MaxPower]
O44 - LFC:[MD5.2B2ACEEAA42B3AFA1BA86587F0191D90] - 05/05/2014 - 08:28:05 ---A- . (...) -- C:\Windows\System32\nbspkrs.ico [17454]
R3 - URLSearchHook: (no name) [64Bits] - {e4f7b179-a3f6-47d8-9832-cb7b2627312a} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] Cl� orpheline
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] Cl� orpheline
[HKCU\Software\Systweak]
O43 - CFD: 04/05/2014 - 18:14:41 - [0] ----D C:\Program Files (x86)\predm
O43 - CFD: 04/05/2014 - 18:38:43 - [0] ----D C:\Users\alexandra\AppData\Roaming\systweak
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\BackupSetup.exe [10372136]
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\cloud_backup_setup.exe [73808]
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\mainapp.exe [9852842]
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (.Microsoft Corporation.) -- C:\Users\alexandra\AppData\Local\Temp\is-GFNJC.tmp\_isetup\_shfoldr.dll [23312]
O61 - LFC: 04/05/2014 - 10:32:34 ---A- . (.Microsoft Corporation.) -- C:\Users\alexandra\AppData\Local\Temp\is-VD67L.tmp\_isetup\_shfoldr.dll [23312]
O61 - LFC: 04/05/2014 - 10:32:35 ---A- . (...) -- C:\Users\alexandra\AppData\Local\Temp\Temp1_volkey.zip\Volkey\Volkey.exe [190464]
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (.Installer.) -- C:\Users\alexandra\AppData\Local\Temp\n634\s634.exe [289280]
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (.Installer.) -- C:\Users\alexandra\AppData\Local\Temp\n635\s634.exe [289280]
O61 - LFC: 05/05/2014 - 10:32:35 ---A- . (.Installer.) -- C:\Users\alexandra\AppData\Local\Temp\n636\s634.exe [289280]
O61 - LFC: 29/04/2014 - 10:32:34 ---A- . (.Software.) -- C:\Users\alexandra\AppData\Local\Temp\is-JEBR6.tmp\package_scantack_installer_multilang.exe [411032]
MD5.00000000000000000000000000000000] [APT] [Go for FilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0] =>P2P.GoforFiles
[HKCU\Software\Ares Plus]
O43 - CFD: 05/04/2013 - 20:10:17 - [] ----D C:\Program Files (x86)\Ares
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore

Publicité


Signaler le contenu de ce document

Publicité