Script ZHPFIX
M2 - MFEP: prefs.js [eliott - 60oucw1a.default\{D8A30808-3888-E608-3AA4-A2CEA2623402}] [] Discount Dragon v1.0 (..) =>PUP.DiscountDragon
O2 - BHO: Discount Dragon BHO [64Bits] - {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} . (.Pas de propriétaire - FrameworkBHO.) -- C:\Program Files (x86)\Discount Dragon\FrameworkBHO.dll =>PUP.DiscountDragon
O4 - HKLM\..\Wow6432Node\Run: [startertv_fr_5] Clé orpheline =>Adware.StarterTV
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_86] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_79] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_80] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_69] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\RunOnce: [Discount Dragon-repairJob] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>PUP.DiscountDragon
[MD5.00000000000000000000000000000000] [APT] [wp_update] (...) -- C:\Users\eliott\AppData\Roaming\~qmfxmax.exe (.not file.) [0] =>PUP.WpManager
O42 - Logiciel: Discount Dragon - (.Smart Apps.) [HKLM][64Bits] -- Discount Dragon =>PUP.DiscountDragon
O42 - Logiciel: Duuqu Update Helper - (.Duuqu Group.) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Duuqu
[HKLM\Software\Wow6432Node\TUTO-4PC] =>PUP.AgenceExclusive
O43 - CFD: 16/01/2014 - 18:02:54 - [1,038] ----D C:\Program Files (x86)\Discount Dragon =>PUP.DiscountDragon
O43 - CFD: 17/01/2014 - 11:24:09 - [0] ----D C:\Users\eliott\AppData\Roaming\wp_update =>PUP.WpManager
O43 - CFD: 16/01/2014 - 18:02:56 - [1,054] ----D C:\Users\eliott\AppData\Local\Discount Dragon =>PUP.DiscountDragon
O45 - LFCP:[MD5.8BF358CAC3A92EDE6B3B37028866E1F3] - 16/01/2014 - 17:45:59 ---A- - C:\Windows\Prefetch\SETUP_RECOVER_TUTO4PC_FR_86.E-1C69E8BF.pf =>PUP.Eorezo
O45 - LFCP:[MD5.1A35179D90C74AF02E8CE86D2CF71983] - 16/01/2014 - 17:46:00 ---A- - C:\Windows\Prefetch\SETUP_RECOVER_TUTO4PC_FR_86.T-4BECE9C0.pf =>PUP.Eorezo
O45 - LFCP:[MD5.61C0B92249B606AE5F96ADBB52643A8A] - 16/01/2014 - 17:46:36 ---A- - C:\Windows\Prefetch\TUTO4PC_FR_86.EXE-977E935F.pf =>PUP.Eorezo
O61 - LFC: 16/01/2014 - 13:46:15 ---A- . (...) -- C:\Users\eliott\AppData\Local\Discount Dragon\firefox\extension_info.json [2423] =>PUP.DiscountDragon
O61 - LFC: 16/01/2014 - 13:46:15 ---A- . (...) -- C:\Users\eliott\AppData\Local\Discount Dragon\repair_data.json [3586] =>PUP.DiscountDragon
O61 - LFC: 16/01/2014 - 13:46:15 ---A- . (...) -- C:\Users\eliott\AppData\Local\Discount Dragon\uninstall.exe [146283] =>PUP.DiscountDragon
O61 - LFC: 16/01/2014 - 13:46:21 ---A- . (...) -- C:\Users\eliott\AppData\Local\tut_fr_86\tut_fr_86\1.10\eorezo.cyl [69] =>PUP.Eorezo
O61 - LFC: 17/01/2014 - 13:46:35 ---A- . (...) -- C:\Users\eliott\AppData\Roaming\wp_update\currentVersion.txt [1] =>PUP.WpManager
[MD5.C13388A1D0EB8A495C7014805AE236EF] [WIS][21/12/2013] (.Duuqu Group - Duuqu Update Helper.) -- C:\Windows\Installer\649cf.msi [45056] =>PUP.Duuqu
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}] =>PUP.DiscountDragon^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wp_update] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discount Dragon] =>PUP.DiscountDragon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] =>PUP.Duuqu^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:startertv_fr_5 =>Adware.StarterTV^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:Discount Dragon-repairJob =>PUP.DiscountDragon^
C:\Users\eliott\AppData\Roaming\Mozilla\Firefox\Profiles\60oucw1a.default\extensions\{D8A30808-3888-E608-3AA4-A2CEA2623402} =>PUP.DiscountDragon^
C:\Program Files (x86)\Discount Dragon =>PUP.DiscountDragon^
C:\Users\eliott\AppData\Roaming\wp_update =>PUP.WpManager^
C:\Users\eliott\AppData\Local\Discount Dragon =>PUP.DiscountDragon^
[HKLM\Software\Wow6432Node\TUTO-4PC] =>PUP.AgenceExclusive^
C:\Windows\Installer\649cf.msi =>PUP.Duuqu^
Spybot - Search & Destroy v2.0.12
O4 - GS\Desktop [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
O4 - GS\Program [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] Clé orpheline
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O43 - CFD: 19/04/2013 - 20:04:45 - [4,280] ----D C:\Program Files (x86)\GUM4A0A.tmp
O43 - CFD: 26/05/2013 - 19:30:00 - [4,594] ----D C:\Program Files (x86)\GUM5A20.tmp
O43 - CFD: 26/12/2013 - 23:14:10 - [0] ----D C:\Users\eliott\AppData\Local\tut_fr_86
O44 - LFC:[MD5.3A3E7190036D75B0D8C92202F1930CF9] - 09/01/2014 - 14:55:23 ----- . (...) -- C:\Ad-Report-CLEAN[1].txt [4599]    
O44 - LFC:[MD5.3BF4FA2946130824F3493CCD849C03E4] - 09/01/2014 - 15:17:44 ----- . (...) -- C:\Ad-Report-CLEAN[2].txt [4732]    
O44 - LFC:[MD5.3B90696CFE8B3201669CF3D1A9604461] - 09/01/2014 - 15:55:32 ----- . (...) -- C:\Ad-Report-CLEAN[3].txt [4435]    
O44 - LFC:[MD5.201FB922BC72BDC17C00463DE1469D25] - 09/01/2014 - 17:03:21 ----- . (...) -- C:\Ad-Report-CLEAN[4].txt [4940]    
O44 - LFC:[MD5.294870DCA3BC5BF8327F99DC589204DF] - 16/01/2014 - 14:42:49 ---A- . (...) -- C:\UsbFix [Clean 2] ELIOTT-PC.txt [10087]    
O45 - LFCP:[MD5.F5F02292F61D90C1B84FD10343601A7C] - 16/01/2014 - 17:45:51 ---A- - C:\Windows\Prefetch\VIRUTALMACHINEDETECT.EXE-3264A87A.pf
O45 - LFCP:[MD5.0501B82E29D1BB03F33E25973EA8CE6F] - 16/01/2014 - 18:02:32 ---A- - C:\Windows\Prefetch\VIRUTALMACHINEDETECT.EXE-F9ABA764.pf
O45 - LFCP:[MD5.32F97F9FE05F10C3CF8C84CEC8B7406D] - 16/01/2014 - 18:02:36 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-FC34F657.pf
O45 - LFCP:[MD5.A129E366B5303FD874874781669FB365] - 16/01/2014 - 18:02:39 ---A- - C:\Windows\Prefetch\PREDM.EXE-03A798DC.pf
O45 - LFCP:[MD5.5D2ACE50DD058F3BB412D4EC5243D0C4] - 16/01/2014 - 18:02:39 ---A- - C:\Windows\Prefetch\PREDM.TMP-D7255E6A.pf
O45 - LFCP:[MD5.DB059BA27ADC37E5D7CFE4CB74445A78] - 16/01/2014 - 18:02:41 ---A- - C:\Windows\Prefetch\DM.EXE-1681387B.pf
O45 - LFCP:[MD5.AE635F331FC2BE0BA7BACD09BF7B0390] - 16/01/2014 - 18:02:41 ---A- - C:\Windows\Prefetch\DM.TMP-FA7384F6.pf
O45 - LFCP:[MD5.36B16B11791EC28095CCFB1809256B7D] - 16/01/2014 - 18:02:45 ---A- - C:\Windows\Prefetch\DDRAGON.TMP-23F0B383.pf
O45 - LFCP:[MD5.F28FA4CDFD46AE8957A6346248731B98] - 16/01/2014 - 18:02:52 ---A- - C:\Windows\Prefetch\PACKAGE_DDRAGON_INSTALLER_MUL-240F6FB0.pf
O45 - LFCP:[MD5.C19218C44A2E5A613CB2A91152593A86] - 16/01/2014 - 18:02:53 ---A- - C:\Windows\Prefetch\PACKAGE_DDRAGON_INSTALLER_MUL-972F5018.pf
O45 - LFCP:[MD5.DE49E7D9EA6DB66D0957D4781ED64D54] - 16/01/2014 - 18:02:53 ---A- - C:\Windows\Prefetch\SQLITE3.EXE-7AA45C3D.pf
O45 - LFCP:[MD5.290D59096A8FC48240036079BBDF2859] - 16/01/2014 - 18:02:55 ---A- - C:\Windows\Prefetch\FRAMEWORKENGINE.EXE-5A7E5379.pf
O45 - LFCP:[MD5.14D164A40F066FE84B7A4C008AADF8CF] - 16/01/2014 - 18:02:57 ---A- - C:\Windows\Prefetch\38900FR.EXE-657DA136.pf
O45 - LFCP:[MD5.1BCDF00254273F1D5A8BDC6BC12FC0FE] - 16/01/2014 - 18:02:57 ---A- - C:\Windows\Prefetch\SOFTWAREDETECTOR.EXE-5BFE4BD5.pf
O45 - LFCP:[MD5.F40B523CF88DA6DE65797AD7E818DADB] - 17/01/2014 - 10:06:58 ---A- - C:\Windows\Prefetch\999032DE-BE8C-4E65-AD91-B0F4F-08CBFE29.pf
O45 - LFCP:[MD5.F0EDBA593D5294DACD1FCCD57853609B] - 17/01/2014 - 10:36:13 ---A- - C:\Windows\Prefetch\INSTUP.EXE-7E543EAF.pf
O45 - LFCP:[MD5.CA57D5997677C2ED848FB6A171564D88] - 17/01/2014 - 11:15:46 ---A- - C:\Windows\Prefetch\UPT4PC_FR_46.EXE-0CDFAE3F.pf
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix    
[MD5.3DF9C822FFD4245403113A555A27357F] [SPRF][12/01/2014] (...) -- C:\Users\eliott\AppData\Local\Temp\Quarantine.exe [360073]
SS - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SS - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline    
[HKLM\Software\Wow6432Node\iRobinHoodInstall] =>Toolbar.iRobinHood
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\iRobinHoodInstall] =>Toolbar.iRobinHood^
shortcutfix
proxyfix
sysrestore
emptyflash
emptytemp
emptyclsid