Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore
[HKCU\Software\IObit Apps]
[HKCU\Software\Store] =>PUP.Nosibay
[HKLM\Software\Wow6432Node\IObit Apps]
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart
O43 - CFD: 18/07/2014 - 16:26:55 - [0] ----D C:\Program Files (x86)\sweetpacks bundle uninstaller_SPAMfighter_1551498 =>PUP.SweetIM
O43 - CFD: 06/06/2014 - 16:13:33 - [] ----D C:\ProgramData\Software =>Adware.Boxore
O90 - PUC: "4D7B2EA8AAB2D9B44A4F82D2D3031F0D" . (.IObit Apps Toolbar v7.2.) -- C:\Windows\Installer\{8AE2B7D4-2BAA-4B9D-A4F4-282D3D30F1D0}\ARPPRODUCTICON.exe =>PUP.Dealio
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateZebar_RASAPI32 =>PUP.Zebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateZebar_RASMANCS =>PUP.Zebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilZebar_RASAPI32 =>PUP.Zebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilZebar_RASMANCS =>PUP.Zebar
[HKLM\Software\Google\Chrome\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg] =>PUP.CrossRider^
[HKLM\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae] =>PUP.Astromenda^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8AE2B7D4-2BAA-4B9D-A4F4-282D3D30F1D0}] =>PUP.Dealio^
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
C:\Users\hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg =>PUP.CrossRider^
C:\Users\hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae =>PUP.Astromenda^
C:\Program Files (x86)\sweetpacks bundle uninstaller_SPAMfighter_1551498 =>PUP.SweetIM^
C:\ProgramData\Software =>Adware.Boxore^
[HKCU\Software\Store] =>PUP.Nosibay^
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart^
O42 - Logiciel: Elevated Installer - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {3C4BCD2A-8D3C-4663-9449-AB7B3AFD096F}
O43 - CFD: 31/12/2012 - 13:18:11 - [] ----D C:\ProgramData\clp
O43 - CFD: 22/08/2014 - 09:34:21 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 20/08/2014 - 12:14:19 - [] ----D C:\Users\hubert\AppData\Roaming\ProductData
[MD5.33F6F3131EE8854F05C6BEAEA233B85F] - (.IObit - IObit Malware Fighter Service.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336] [PID.1036]
[MD5.580BB8242B4B5D64FF645BA8A78084D2] - (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1601856] [PID.2840]
O2 - BHO: (no name) [64Bits] - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} Cl� orpheline
O2 - BHO: (no name) [64Bits] - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} Cl� orpheline
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Cl� orpheline
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E78569BE-555B-4B4A-B7E5-647C31CA7DDC} Cl� orpheline
[HKLM\Software\Wow6432Node\SOFTWARE]
O51 - MPSK:{514b8ed2-d26d-11e1-8dbe-806e6f6e6963}\AutoRun\command. (...) -- F:\Setup.exe (.not file.)
[HKCU\Software\MCAFEE]
O43 - CFD: 18/01/2014 - 09:41:40 - [] ----D C:\ProgramData\McAfee
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O61 - LFC: 20/08/2014 - 08:48:30 ---A- . (.Driver-Soft Inc..) -- C:\Users\hubert\Downloads\Driver_Genius_Professional_AQFR.exe [8033232]
O61 - LFC: 21/08/2014 - 08:48:30 ---A- . (.Driver-Soft Inc..) -- C:\Users\hubert\Downloads\Driver_Genius_Professional_AQFR (1).exe [8033232]
O61 - LFC: 21/08/2014 - 08:48:30 ---A- . (.Driver-Soft Inc..) -- C:\Users\hubert\Downloads\Driver_Genius_Professional_AQFR (2).exe [8033232]
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (.Not Key.)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Cl� orpheline
[MD5.0E4185F75C1394897DB73CCC3368CA4B] [WIS][10/06/2014] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\af032.msi [475136]
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]
C:\Windows\Installer\af032.msi
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore
[HKCU\Software\IObit Apps]
[HKCU\Software\Store] =>PUP.Nosibay
[HKLM\Software\Wow6432Node\IObit Apps]
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart
O43 - CFD: 18/07/2014 - 16:26:55 - [0] ----D C:\Program Files (x86)\sweetpacks bundle uninstaller_SPAMfighter_1551498 =>PUP.SweetIM
O43 - CFD: 06/06/2014 - 16:13:33 - [] ----D C:\ProgramData\Software =>Adware.Boxore
O90 - PUC: "4D7B2EA8AAB2D9B44A4F82D2D3031F0D" . (.IObit Apps Toolbar v7.2.) -- C:\Windows\Installer\{8AE2B7D4-2BAA-4B9D-A4F4-282D3D30F1D0}\ARPPRODUCTICON.exe =>PUP.Dealio
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateZebar_RASAPI32 =>PUP.Zebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateZebar_RASMANCS =>PUP.Zebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilZebar_RASAPI32 =>PUP.Zebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilZebar_RASMANCS =>PUP.Zebar
[HKLM\Software\Google\Chrome\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg] =>PUP.CrossRider^
[HKLM\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae] =>PUP.Astromenda^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8AE2B7D4-2BAA-4B9D-A4F4-282D3D30F1D0}] =>PUP.Dealio^
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
C:\Users\hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg =>PUP.CrossRider^
C:\Users\hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae =>PUP.Astromenda^
C:\Program Files (x86)\sweetpacks bundle uninstaller_SPAMfighter_1551498 =>PUP.SweetIM^
C:\ProgramData\Software =>Adware.Boxore^
[HKCU\Software\Store] =>PUP.Nosibay^
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart^
O42 - Logiciel: Elevated Installer - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {3C4BCD2A-8D3C-4663-9449-AB7B3AFD096F}
O43 - CFD: 31/12/2012 - 13:18:11 - [] ----D C:\ProgramData\clp
O43 - CFD: 22/08/2014 - 09:34:21 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 20/08/2014 - 12:14:19 - [] ----D C:\Users\hubert\AppData\Roaming\ProductData
[MD5.33F6F3131EE8854F05C6BEAEA233B85F] - (.IObit - IObit Malware Fighter Service.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336] [PID.1036]
[MD5.580BB8242B4B5D64FF645BA8A78084D2] - (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1601856] [PID.2840]
O2 - BHO: (no name) [64Bits] - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} Cl� orpheline
O2 - BHO: (no name) [64Bits] - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} Cl� orpheline
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Cl� orpheline
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E78569BE-555B-4B4A-B7E5-647C31CA7DDC} Cl� orpheline
[HKLM\Software\Wow6432Node\SOFTWARE]
O51 - MPSK:{514b8ed2-d26d-11e1-8dbe-806e6f6e6963}\AutoRun\command. (...) -- F:\Setup.exe (.not file.)
[HKCU\Software\MCAFEE]
O43 - CFD: 18/01/2014 - 09:41:40 - [] ----D C:\ProgramData\McAfee
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O61 - LFC: 20/08/2014 - 08:48:30 ---A- . (.Driver-Soft Inc..) -- C:\Users\hubert\Downloads\Driver_Genius_Professional_AQFR.exe [8033232]
O61 - LFC: 21/08/2014 - 08:48:30 ---A- . (.Driver-Soft Inc..) -- C:\Users\hubert\Downloads\Driver_Genius_Professional_AQFR (1).exe [8033232]
O61 - LFC: 21/08/2014 - 08:48:30 ---A- . (.Driver-Soft Inc..) -- C:\Users\hubert\Downloads\Driver_Genius_Professional_AQFR (2).exe [8033232]
O67 - Shell Spawning: <.html>
O68 - StartMenuInternet:
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Cl� orpheline
[MD5.0E4185F75C1394897DB73CCC3368CA4B] [WIS][10/06/2014] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\af032.msi [475136]
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]
C:\Windows\Installer\af032.msi