cjoint

Document format: text/plain

Script ZHPFIX
G2 - GCE: Preference [User Data\Default] [nikdaiaidiiiogaidkkekcmokcgcdeac] Discount Dragon v.1.0, (Activé) =>PUP.DiscountDragon
O1 - Hosts: 54.225.95.126 achhmapmjlcjlomcbmbicbgkihghgnie
O1 - Hosts: 54.225.95.126 nikdaiaidiiiogaidkkekcmokcgcdeac =>PUP.DiscountDragon
O4 - GS\Desktop [saloon]: Actu cinéma, séries TV, stars - Bandes annonces – Premiere.fr.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.premiere.fr =>Hijacker.Browsers
O4 - GS\Desktop [saloon]: ameli.fr - l’Assurance Maladie en ligne.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.ameli.fr =>Hijacker.Browsers
O4 - GS\Desktop [saloon]: Forum - Cyclism'Actu – Page d’index.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.cyclismactu.net =>Hijacker.Browsers
O4 - GS\Desktop [saloon]: MAAF Assurances _ mutuelle assurance auto moto habitation santé – Devis assurance en ligne.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.maaf.fr =>Hijacker.Browsers
O4 - GS\Desktop [saloon]: Metronews, info en continu. Actualité, Sport, Culture, Hi-Tech – metronews.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.metronews.fr =>Hijacker.Browsers
O4 - GS\Desktop [saloon]: Motoconnect.com _ le forum des Fazermen – Portail.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.motoconnect.com =>Hijacker.Browsers
O4 - GS\Desktop [saloon]: PayPal.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.paypal.com =>Hijacker.Browsers
O4 - GS\Desktop [saloon]: Portail SFR _ Vos services et contenus, l’info en plus.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.sfr.fr =>Hijacker.Browsers
O4 - GS\Desktop [saloon]: RTBF Sport – football, cyclisme, tennis, f1, rallye, infos et vidéos.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.rtbf.be =>Hijacker.Browsers
[MD5.3AADCF0B983E96111F1610613973411C] [APT] [AutoKMS] (...) -- C:\WINDOWS\AutoKMS\AutoKMS.exe [3152384] =>Trojan.Keygen
[HKLM\Software\Wow6432Node\Discount Dragon] =>PUP.DiscountDragon
O43 - CFD: 08/01/2014 - 21:27:04 - [0] ----D C:\Users\saloon\AppData\Roaming\wp_update =>PUP.WpManager
O45 - LFCP:[MD5.AA8DFB2FE99D87FDD72F056400578216] - 09/01/2014 - 18:36:13 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-507507D1.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.368A2ED8CBF6610F557AE771298E6DB0] - 09/01/2014 - 18:43:07 ---A- - C:\Windows\Prefetch\SNAPDO.EXE-2A9A4EB4.pf
O45 - LFCP:[MD5.DFDE5D12F474E2E1F71B2D0DF4B079DD] - 12/01/2014 - 14:41:35 ---A- - C:\Windows\Prefetch\UPFST_FR_50.EXE-1A0E2CB0.pf =>PUA.FSTfr9
O45 - LFCP:[MD5.A117AE78DB4CCD22EB24F41E7638B657] - 12/01/2014 - 20:04:17 ---A- - C:\Windows\Prefetch\DISCOUNT DRAGON-CODEDOWNLOADE-9A05BC6C.pf =>PUP.DiscountDragon
O45 - LFCP:[MD5.6564BD3292862C9DA1628195BF68BF44] - 12/01/2014 - 20:04:23 ---A- - C:\Windows\Prefetch\DISCOUNT DRAGON-BG.EXE-FC2A5FE7.pf =>PUP.DiscountDragon
O45 - LFCP:[MD5.E148CBC4DB78E15C875306B9CC42A300] - 15/01/2014 - 20:53:45 ---A- - C:\Windows\Prefetch\WAJAM_VALIDATE.EXE-1611BB61.pf =>PUP.Wajam
O45 - LFCP:[MD5.FB72C657FB04D33D7CD0A8F905828540] - 15/01/2014 - 20:54:01 ---A- - C:\Windows\Prefetch\MYSEARCHDIALSRV.EXE-ADF8ADFE.pf =>Adware.MyWebSearch
O45 - LFCP:[MD5.545B6DFFBAE4B67ACC87D54873A3C301] - 15/01/2014 - 20:54:17 ---A- - C:\Windows\Prefetch\MYSEARCHDIAL.EXE-4C032D33.pf =>Adware.MyWebSearch
O45 - LFCP:[MD5.71CD565505BD779FF6BB83C2B89961DF] - 15/01/2014 - 20:59:09 ---A- - C:\Windows\Prefetch\WAJAM_VALIDATE.EXE-A2DA2C53.pf =>PUP.Wajam
[HKLM\Software\Google\Chrome\Extensions\nikdaiaidiiiogaidkkekcmokcgcdeac] =>PUP.DiscountDragon^
C:\Users\saloon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikdaiaidiiiogaidkkekcmokcgcdeac =>PUP.DiscountDragon^
C:\Users\saloon\AppData\Roaming\wp_update =>PUP.WpManager^
C:\WINDOWS\AutoKMS\AutoKMS.exe =>Trojan.Keygen^
[HKLM\Software\Wow6432Node\Discount Dragon] =>PUP.DiscountDragon^
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O45 - LFCP:[MD5.EDDBA60BFFEBA6E9AC1388226214ADF1] - 06/01/2014 - 23:36:50 ---A- - C:\Windows\Prefetch\BARETORRENT_0-4-4_FR_430051_6-2ED43091.pf
O45 - LFCP:[MD5.CE552F00537BDD02C001BCA850F0A466] - 07/01/2014 - 18:33:42 ---A- - C:\Windows\Prefetch\BARETORRENT_0-4-4_FR_430051_6-30234153.pf
O45 - LFCP:[MD5.1E83C0DE8029D35AD54F0FF1325972CE] - 08/01/2014 - 21:04:11 ---A- - C:\Windows\Prefetch\INSTALLER_SONGR_FRENCH.EXE-0E37EFC1.pf
O45 - LFCP:[MD5.DF24F41A59F5F9747D856897604865DE] - 08/01/2014 - 21:49:07 ---A- - C:\Windows\Prefetch\ECARTEBLEUESG.EXE-F0261ACF.pf
O45 - LFCP:[MD5.E23226D4EB73DF6FEF525D1914D4A917] - 08/01/2014 - 21:50:49 ---A- - C:\Windows\Prefetch\SONGR.EXE-C9DEC921.pf
O45 - LFCP:[MD5.78710E95B11E3EF640BB3CA4D2C2CA29] - 08/01/2014 - 21:50:53 ---A- - C:\Windows\Prefetch\SONGR_49857599303B_LOCAL_UPDA-871A039A.pf
O45 - LFCP:[MD5.03CAA31AE9CC3AEC15486BD17A8E6518] - 08/01/2014 - 22:31:35 ---A- - C:\Windows\Prefetch\RNSETUP0.EXE-8FE1213A.pf
O45 - LFCP:[MD5.985FFFE9089033C0848E44D42993A2AE] - 09/01/2014 - 19:57:27 ---A- - C:\Windows\Prefetch\REALPLAYER.EXE-212C5CE5.pf
O45 - LFCP:[MD5.13EB1F4146FF8C82958E89D3363A31D0] - 10/01/2014 - 18:00:13 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.AEB8CB2FB3F676D5AE58E8AB8060848C] - 10/01/2014 - 19:01:29 ---A- - C:\Windows\Prefetch\DW.EXE-E1DA1676.pf
O45 - LFCP:[MD5.F507A1B33A860B03A0485F3F7D4C9732] - 10/01/2014 - 19:30:12 ---A- - C:\Windows\Prefetch\UNCOMPRESS.EXE-2466AC85.pf
O45 - LFCP:[MD5.13AF58A8536ABDEC9FF9FC6E648FC5FA] - 10/01/2014 - 19:54:19 ---A- - C:\Windows\Prefetch\FIRSTRUN.EXE-E8289D67.pf
O45 - LFCP:[MD5.9DBB3E9BBF5998431A3228C8D464FA01] - 11/01/2014 - 10:08:22 ---A- - C:\Windows\Prefetch\MMGZATLZFBPTGH.EXE-CA6F88D2.pf
O45 - LFCP:[MD5.19F53BAE8261CCE490578C827E0128E3] - 11/01/2014 - 14:13:53 ---A- - C:\Windows\Prefetch\RADIO_FR_SOLO.EXE-2753349F.pf
O45 - LFCP:[MD5.146011A352BEBFC2D17397EA8B69CD0D] - 11/01/2014 - 14:21:24 ---A- - C:\Windows\Prefetch\201.EXE-FC6625BF.pf
O45 - LFCP:[MD5.CAC684C30937ABC5D7712F946E36D483] - 11/01/2014 - 15:47:32 ---A- - C:\Windows\Prefetch\VSNP2STD.EXE-E1735CCE.pf
O45 - LFCP:[MD5.90371F18D6A7D1D29111F632BC5A554A] - 11/01/2014 - 15:47:46 ---A- - C:\Windows\Prefetch\TSNP2STD.EXE-768C2534.pf
O45 - LFCP:[MD5.10A7D1C5C9EAB5F913DCF71EBFAF9B7F] - 11/01/2014 - 21:23:45 ---A- - C:\Windows\Prefetch\DRIVERINSTALL_INCLUDEDX9.0CGL-5541B81C.pf
O45 - LFCP:[MD5.394CA6845ADA19A16CCFCA072589ECCF] - 12/01/2014 - 11:23:48 ---A- - C:\Windows\Prefetch\MAJFST.TMP-89AC0951.pf
O45 - LFCP:[MD5.B1FCD2FD7D1393CCFBFC42E018A31C0A] - 12/01/2014 - 14:06:43 ---A- - C:\Windows\Prefetch\RMVPEYE.EXE-AF967442.pf
O45 - LFCP:[MD5.5DC5959CCD96B67BD75D0E7BCC284B97] - 12/01/2014 - 14:21:46 ---A- - C:\Windows\Prefetch\AUTORUN.EXE-D28490C2.pf
O45 - LFCP:[MD5.CEE7E91686BA08F5E3B7E79E2D178CD9] - 12/01/2014 - 14:23:19 ---A- - C:\Windows\Prefetch\VPEYEV4.EXE-59A08F01.pf
O45 - LFCP:[MD5.C8A3AD2EAB6F050B45B310B20D1FBE19] - 12/01/2014 - 14:48:47 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-AF62DDEE.pf
O45 - LFCP:[MD5.1411CCA7E4704DF7869D1C02BCB172BD] - 12/01/2014 - 14:48:51 ---A- - C:\Windows\Prefetch\PREDM.TMP-DF14F718.pf
O45 - LFCP:[MD5.FE8505686436717A7C95E2C066F14E08] - 12/01/2014 - 14:48:54 ---A- - C:\Windows\Prefetch\DM.TMP-3B9D237E.pf
O45 - LFCP:[MD5.F5DDEBB2E9F4FA38D76A5B5D5A7FE903] - 12/01/2014 - 14:49:03 ---A- - C:\Windows\Prefetch\IMNS.EXE-B72A59D5.pf
O45 - LFCP:[MD5.51C9B2F7F383872BF9E763324860FC27] - 12/01/2014 - 14:49:23 ---A- - C:\Windows\Prefetch\DDRAGON.TMP-5B52252A.pf
O45 - LFCP:[MD5.7074B9F6301759695FEA979ECD90C199] - 12/01/2014 - 14:49:33 ---A- - C:\Windows\Prefetch\CLING.TMP-83C0B8E7.pf
O45 - LFCP:[MD5.C714CF6DDB7D1CA8CC51335E0A93187E] - 12/01/2014 - 14:49:33 ---A- - C:\Windows\Prefetch\PACKAGE_DDRAGON_INSTALLER_MUL-B9B7994F.pf
O45 - LFCP:[MD5.11D7A49E98C8B6ED3708EC037196829F] - 12/01/2014 - 14:49:45 ---A- - C:\Windows\Prefetch\PACKAGE_CLING_INSTALLER_MULTI-1B186261.pf
O45 - LFCP:[MD5.ADDA47612393E83285D7D310E0DE4026] - 12/01/2014 - 18:19:58 ---A- - C:\Windows\Prefetch\INSTUP.EXE-2CA50CD8.pf
O45 - LFCP:[MD5.3D29E346BC0C4E664618BA22D8702279] - 12/01/2014 - 20:04:01 ---A- - C:\Windows\Prefetch\12751-INTERNAL-INSTALLER.EXE-61D1215E.pf
O45 - LFCP:[MD5.B3FEE2567EAE241F5935F9AC2293F42B] - 12/01/2014 - 20:04:07 ---A- - C:\Windows\Prefetch\12751-INTERNAL-INSTALLER.EXE-B7BE89D7.pf
O45 - LFCP:[MD5.F1EC7B66B637CB82AB1EEFC1862EC6B5] - 12/01/2014 - 20:04:09 ---A- - C:\Windows\Prefetch\SCS.EXE-27205CAC.pf
O45 - LFCP:[MD5.478B09842E7D36C9390834DC890DC213] - 12/01/2014 - 20:04:34 ---A- - C:\Windows\Prefetch\UPDATER12751.EXE-004C3751.pf
O45 - LFCP:[MD5.4AEEF4C72BEEDD20D2EAD97B69B4224C] - 12/01/2014 - 20:28:25 ---A- - C:\Windows\Prefetch\CACLS.EXE-AF118E12.pf
O45 - LFCP:[MD5.9CBCCB32B2F97AE3AE7A1293DBD3A668] - 12/01/2014 - 21:22:30 ---A- - C:\Windows\Prefetch\SYSTEMRESET.EXE-9FA13840.pf
O45 - LFCP:[MD5.B98E359256AE721F1ED7D438012A3F44] - 12/01/2014 - 21:24:19 ---A- - C:\Windows\Prefetch\INSTUP.EXE-7E543EAF.pf
O45 - LFCP:[MD5.88B7A2544B14225BF8F9D140E671DA20] - 12/01/2014 - 22:09:16 ---A- - C:\Windows\Prefetch\WSRESET.EXE-B9AC6F61.pf
O45 - LFCP:[MD5.19E003F8CE4DADD7DFF35F9D196B2A8F] - 12/01/2014 - 22:29:42 ---A- - C:\Windows\Prefetch\WEBPREP.EXE-A6439FCB.pf
O45 - LFCP:[MD5.08BC1485A0502306F4D3C6CB174253DD] - 12/01/2014 - 22:32:29 ---A- - C:\Windows\Prefetch\KSS12.0.1.117MLG_EN-FR_RU-FR_-7654503B.pf
O45 - LFCP:[MD5.518AE715497873CC2D880B86A16B775A] - 12/01/2014 - 22:34:25 ---A- - C:\Windows\Prefetch\KSS12.0.1.117MLG_EN-FR_RU-FR_-B918330B.pf
O45 - LFCP:[MD5.BCC7BC98CCFA80EA6043B7CA3E46DA1C] - 12/01/2014 - 23:10:35 ---A- - C:\Windows\Prefetch\STARTUPLITE-SETUP-1.07.EXE-600C7B43.pf
O45 - LFCP:[MD5.E073C258A3A69984D4FCB38A340B4B07] - 13/01/2014 - 21:24:06 ---A- - C:\Windows\Prefetch\SETUP-STUB.EXE-B5255D1D.pf
O45 - LFCP:[MD5.01F1463444D3966FC5112AE8286BDC87] - 13/01/2014 - 21:25:19 ---A- - C:\Windows\Prefetch\DOWNLOAD.EXE-43B3431D.pf
O45 - LFCP:[MD5.ACFC9A21215FCDC7168E9AEF469CB942] - 13/01/2014 - 22:42:17 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-6069CEA4.pf
O45 - LFCP:[MD5.DA256C66B2AB3E8123EEF325FDEBBA4A] - 13/01/2014 - 22:57:22 ---A- - C:\Windows\Prefetch\NMHOST.EXE-3C702D87.pf
O45 - LFCP:[MD5.5B784601C3FB820F8780A3BA7B143682] - 14/01/2014 - 21:29:26 ---A- - C:\Windows\Prefetch\RECOVERYDRIVE.EXE-69C6B375.pf
O45 - LFCP:[MD5.F133449CF47F4F24A45956D242145B7A] - 15/01/2014 - 18:45:42 ---A- - C:\Windows\Prefetch\FISHING.EXE-7002AC7B.pf
O45 - LFCP:[MD5.A631D1CB76B0A55DF6D4CD45CDC620B1] - 15/01/2014 - 18:48:13 ---A- - C:\Windows\Prefetch\PHOTOSAPP.EXE-0B65831E.pf
O45 - LFCP:[MD5.5152FFA4E2DEAF079C7235FC243A1F7F] - 15/01/2014 - 18:48:19 ---A- - C:\Windows\Prefetch\BULKOPERATIONHOST.EXE-A9AF81E9.pf
O45 - LFCP:[MD5.03D51D0226B99FA0C553AF969B9AB362] - 15/01/2014 - 20:54:25 ---A- - C:\Windows\Prefetch\POWERSHELL.EXE-767FB1AE.pf
O45 - LFCP:[MD5.1870287F8E95814821F603EB56973F18] - 15/01/2014 - 20:54:26 ---A- - C:\Windows\Prefetch\MOBOGENIE_SETUP_UN.EXE-65DC0E46.pf
O45 - LFCP:[MD5.8F8E31E349EDEF1D25FEE7BA49B92435] - 15/01/2014 - 20:54:26 ---A- - C:\Windows\Prefetch\SQLITE3.EXE-FBEC462D.pf
O45 - LFCP:[MD5.661633BBAC242EC683EA09D0C4E1C5C5] - 15/01/2014 - 20:54:26 ---A- - C:\Windows\Prefetch\UPDATEJUMPFLIP.EXE-D342AA66.pf
O45 - LFCP:[MD5.FCBD4D3F9B5947A40E3350197BC60F57] - 15/01/2014 - 20:54:33 ---A- - C:\Windows\Prefetch\FONDUE.EXE-142C2D15.pf
O45 - LFCP:[MD5.9983F3F724271184C1F75B68103F846C] - 15/01/2014 - 20:54:33 ---A- - C:\Windows\Prefetch\FONDUE.EXE-DE2CE179.pf
O45 - LFCP:[MD5.EB18B52A3F25D9D3B1271CA73B2C4B16] - 15/01/2014 - 20:55:10 ---A- - C:\Windows\Prefetch\MGADB.EXE-6E0807A1.pf
O45 - LFCP:[MD5.5E911E04CFF1EE04493376DDA3B0AD13] - 15/01/2014 - 20:55:10 ---A- - C:\Windows\Prefetch\MOBOGENIE.EXE-0D86EF7B.pf
O45 - LFCP:[MD5.F9D10527F247352942C30AEBB5DE817F] - 15/01/2014 - 20:55:11 ---A- - C:\Windows\Prefetch\MGUSB.EXE-73B3DA58.pf
O45 - LFCP:[MD5.B9F95BB04EA0FBB443B29571690374C2] - 15/01/2014 - 20:55:15 ---A- - C:\Windows\Prefetch\DAEMONPROCESS.EXE-AADED971.pf
O45 - LFCP:[MD5.EE1719113810051F6EC5DF9D956FC39F] - 15/01/2014 - 20:55:32 ---A- - C:\Windows\Prefetch\LAUNCHTM.EXE-56CAE1A4.pf
O45 - LFCP:[MD5.B172FC5269114F94F28F6E2DD9E6C7E1] - 15/01/2014 - 20:59:10 ---A- - C:\Windows\Prefetch\ZIPOPENERSETUP (1).EXE-5C9E3F5B.pf
O45 - LFCP:[MD5.338EA8BAA15D49B9F1E7161B420025E8] - 15/01/2014 - 20:59:44 ---A- - C:\Windows\Prefetch\OPENIT.EXE-BA512AE3.pf
O45 - LFCP:[MD5.E936A30E91134064097D15C461030804] - 15/01/2014 - 21:26:45 ---A- - C:\Windows\Prefetch\JRT (1).EXE-7311206A.pf
O45 - LFCP:[MD5.E2697A5BF34BBD9E0DC3E2A46D038231] - 15/01/2014 - 22:01:10 ---A- - C:\Windows\Prefetch\WGET.DAT-186B1E47.pf
O45 - LFCP:[MD5.D202CC4C99862938363C4AEA3330DC5D] - 15/01/2014 - 22:01:15 ---A- - C:\Windows\Prefetch\JRT.EXE-A6FBD988.pf
O45 - LFCP:[MD5.4DA2C163A496142F2E0A4BF498283886] - 15/01/2014 - 22:05:40 ---A- - C:\Windows\Prefetch\FC.EXE-F6221E79.pf
O45 - LFCP:[MD5.AC9B1425CDD47789C9D22A11ADE1F304] - 15/01/2014 - 22:05:54 ---A- - C:\Windows\Prefetch\CUT.DAT-EF1BF660.pf
O45 - LFCP:[MD5.5D53036BBE4F283AF76D7F61F90130DA] - 15/01/2014 - 22:06:17 ---A- - C:\Windows\Prefetch\FIND.EXE-9AADDA11.pf
O45 - LFCP:[MD5.FBDF1159A6D1433626DD12CDB5F77BA5] - 15/01/2014 - 22:06:37 ---A- - C:\Windows\Prefetch\NIRCMD.DAT-7A411C7D.pf
O45 - LFCP:[MD5.33A3B5D58CAAC40BB5145D7FEAAE868A] - 15/01/2014 - 22:07:09 ---A- - C:\Windows\Prefetch\SHORTCUT.DAT-BBEABF08.pf
O45 - LFCP:[MD5.560ADFF45FFD863B5D0F5581A748FAB8] - 15/01/2014 - 22:07:14 ---A- - C:\Windows\Prefetch\SED.DAT-72922D90.pf
O45 - LFCP:[MD5.B45F94B1DE461CFB08A291115AF7BBBC] - 16/01/2014 - 07:24:07 ---A- - C:\Windows\Prefetch\PfPre_c88321c2.db
O45 - LFCP:[MD5.49AD6E28E5CEFA410A88F36DFDD67810] - 16/01/2014 - 19:38:33 ---A- - C:\Windows\Prefetch\ECBL-SG.EXE-1FE6D083.pf
O45 - LFCP:[MD5.2AB2ED85241E4A524EE309E9FDDF6591] - 16/01/2014 - 19:40:28 ---A- - C:\Windows\Prefetch\WSHOST.EXE-3BD2AA25.pf
[MD5.3DF9C822FFD4245403113A555A27357F] [SPRF][12/01/2014] (...) -- C:\Users\saloon\AppData\Local\Temp\Quarantine.exe [360073]

shortcutfix
proxyfix
sysrestore
emptyflash
emptytemp
emptyclsid
