cjoint

Document format: text/plain

Preview

Script ZHPFix
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore

[HKCU\Software\Win]
O43 - CFD: 24/08/2014 - 23:32:41 - [] ----D C:\Program Files (x86)\OBS
O43 - CFD: 10/12/2014 - 15:11:24 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 24/08/2014 - 23:32:47 - [] ----D C:\Users\mickael\AppData\Roaming\OBS
O43 - CFD: 06/12/2014 - 14:41:01 - [] ----D C:\Users\mickael\AppData\Roaming\ProductData
O43 - CFD: 06/09/2014 - 15:07:05 - [] ----D C:\Users\mickael\AppData\Roaming\Reg
[MD5.D46415CD75DDA09F0A17D2FDA2235CB0] - (...) -- C:\Program Files (x86)\SupTab\Loader32.exe [64000] [PID.4972] =>PUP.SupTab
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com =>PUP.IsStart
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com =>PUP.IsStart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com =>PUP.IsStart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.IsStart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com =>PUP.IsStart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com =>PUP.IsStart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com =>PUP.IsStart
O2 - BHO: IETabPage Class [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\SupTab\SupTab.dll =>PUP.SupTab
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\QuickLaunch [mickael]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\QuickLaunch [mickael]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\TaskBar [mickael]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\TaskBar [mickael]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\Program [mickael]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.IsStart
O4 - GS\Desktop [mickael]: ParetoLogic PC Health Advisor.lnk . (...) -- C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe (.not file.) =>Rogue.PCHealthAdvisor
O20 - AppInit_DLLs: . (...) - C:\PROGRA~3\Performance Optimizer\PerformanceOptimizer_x64.dll (.not file.) =>PUP.PerformanceOptimizer
O23 - Service: Performance Optimizer (892cc6a3) . (...) - c:\progra~3\performance optimizer\performanceoptimizerSvc.dll =>PUP.PerformanceOptimizer
O23 - Service: Hotspot Shield Service (hshld) . (.AnchorFree Inc. - Hotspot Shield 3.42.) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
O23 - Service: KMS-host Service (KMSEmulator) . (.MDL Forums, mod by Ratiborus - KMS Server Emulator Service.) - C:\Users\mickael\Desktop\KMSAuto NET 1.0.3 Portable\bin\KMSSS.exe =>Trojan.AutoKMS
O23 - Service: TunMirror (TunMirror) . (.Pas de propriétaire - TunMirror.) - C:\Users\mickael\Desktop\KMSAuto NET 1.0.3 Portable\bin\TunMirror.exe =>Trojan.AutoKMS
O42 - Logiciel: Performance Optimizer - (.Linker Ltd.) [HKLM][64Bits] -- {5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3} =>PUP.PerformanceOptimizer
O42 - Logiciel: istartsurf uninstall - (.istartsurf.) [HKLM][64Bits] -- istartsurf uninstall =>PUP.IsStart
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}]
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider
[HKCU\Software\Vittalia] =>PUP.Vittalia
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu
O43 - CFD: 03/12/2014 - 18:06:12 - [] ----D C:\Program Files (x86)\BuyNsave =>PUP.BuyNSave
O43 - CFD: 06/11/2014 - 17:49:24 - [] ----D C:\Program Files (x86)\Hotspot Shield
O43 - CFD: 06/12/2014 - 14:41:03 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 06/11/2014 - 17:49:22 - [] ----D C:\ProgramData\Hotspot Shield
O43 - CFD: 10/09/2014 - 02:45:23 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
O43 - CFD: 08/12/2014 - 21:46:19 - [] ----D C:\ProgramData\ParetoLogic =>PUP.Paretologic
O43 - CFD: 22/09/2014 - 13:06:14 - [] ----D C:\ProgramData\Performance Optimizer =>PUP.PerformanceOptimizer
O43 - CFD: 25/11/2014 - 01:48:09 - [] ----D C:\ProgramData\Trymedia =>Adware.Trymedia
O43 - CFD: 08/12/2014 - 21:47:26 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 06/11/2014 - 17:49:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
O43 - CFD: 06/09/2014 - 15:07:05 - [] ----D C:\Users\mickael\AppData\Roaming\app
O43 - CFD: 01/10/2014 - 15:18:51 - [] ----D C:\Users\mickael\AppData\Roaming\dclogs
O43 - CFD: 06/11/2014 - 17:49:04 - [] ----D C:\Users\mickael\AppData\Roaming\Hotspot Shield
O43 - CFD: 08/12/2014 - 21:45:35 - [] ----D C:\Users\mickael\AppData\Roaming\istartsurf =>PUP.IsStart
O43 - CFD: 08/12/2014 - 11:05:39 - [] ----D C:\Users\mickael\AppData\Roaming\ParetoLogic =>PUP.Paretologic
O43 - CFD: 08/12/2014 - 11:05:37 - [] ----D C:\Users\mickael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic =>PUP.Paretologic
O45 - LFCP:[MD5.56E3F8FDEE92099602B7FF06B7127404] - 08/12/2014 - 11:05:36 ---A- - C:\Windows\Prefetch\PARETOLOGIC PC HEALTH ADVISOR-D0CDF337.pf =>Rogue.PCHealthAdvisor
O61 - LFC: 06/12/2014 - 21:57:00 ----- . (...) -- C:\Users\mickael\AppData\Local\Ankama\Dofus2\transition\libupdater.dll [172032] =>Adware.InstallBrain
O61 - LFC: 08/12/2014 - 21:57:33 ---A- . (.ParetoLogic Inc..) -- C:\Users\mickael\Downloads\ParetoLogic PC Health Advisor_fr.exe [5248216] =>Rogue.PCHealthAdvisor
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.IsStart
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (istartsurf) - http://www.istartsurf.com =>PUP.IsStart
SS - | Demand 17/05/2014 78512 | (HssTrayService) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe
SS - | Auto 16/05/2014 430344 | (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
SS - | Auto 10/09/2014 715656 | (IePluginServices) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
SR - | Auto 21/09/2014 186192 | c:\progra~3\performance optimizer\performanceoptimizerSvc.dll (892cc6a3) . (...) - C:\ProgramData\Performance Optimizer\performanceoptimizerSvc.dll =>PUP.PerformanceOptimizer
SR - | Auto 17/05/2014 919040 | (hshld) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
SR - | Auto 22/11/2013 183808 | (KMSEmulator) . (.MDL Forums, mod by Ratiborus.) - C:\Users\mickael\Desktop\KMSAuto NET 1.0.3 Portable\bin\KMSSS.exe =>Trojan.AutoKMS
SR - | Auto 22/11/2013 10752 | (TunMirror) . (...) - C:\Users\mickael\Desktop\KMSAuto NET 1.0.3 Portable\bin\TunMirror.exe =>Trojan.AutoKMS
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] =>PUP.SupTab^
[HKLM\SYSTEM\CurrentControlSet\Services\892cc6a3] =>PUP.PerformanceOptimizer^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices] =>PUP.IePluginService^
[HKLM\SYSTEM\CurrentControlSet\Services\KMSEmulator] =>Trojan.AutoKMS^
[HKLM\SYSTEM\CurrentControlSet\Services\TunMirror] =>Trojan.AutoKMS^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}] =>PUP.PerformanceOptimizer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall] =>PUP.IsStart^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
C:\Program Files (x86)\BuyNsave =>PUP.BuyNSave^
C:\Program Files (x86)\SupTab =>PUP.SupTab^
C:\ProgramData\IePluginServices =>PUP.IePluginService^
C:\ProgramData\ParetoLogic =>PUP.Paretologic^
C:\ProgramData\Performance Optimizer =>PUP.PerformanceOptimizer^
C:\ProgramData\Trymedia =>Adware.Trymedia^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\Users\mickael\AppData\Roaming\istartsurf =>PUP.IsStart^
C:\Users\mickael\AppData\Roaming\ParetoLogic =>PUP.Paretologic^
C:\Users\mickael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic =>PUP.Paretologic^
C:\Program Files (x86)\SupTab\Loader32.exe =>PUP.SupTab^
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider^
[HKCU\Software\Vittalia] =>PUP.Vittalia^
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^
[MD5.D6E2ED7F1F7BE7CCB8676491BF950B57] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\mickael\AppData\Local\Akamai\netsession_win.exe [4673432] [PID.2412]
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Clé orpheline
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\mickael\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-1504485575-3991963769-2355739380-1001\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\mickael\AppData\Local\Akamai\netsession_win.exe
O9 - Extra button: Classic IE Settings [64Bits] - {56753E59-AF1D-4FBA-9E15-31557124ADA2} -- Clé orpheline
[MD5.00000000000000000000000000000000] [APT] [{46C127E0-F884-4850-966C-2F91238EAB7D}] (...) -- C:\AeriaGames\WolfTeam-FR\aeria_launcher.exe (.not file.) [0]
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU][64Bits] -- Akamai
O43 - CFD: 22/09/2014 - 13:06:16 - [0] ----D C:\ProgramData\374311380
O43 - CFD: 03/11/2014 - 23:57:27 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 03/09/2014 - 16:43:18 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 29/10/2014 - 14:15:05 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GBE Games
O43 - CFD: 06/12/2014 - 14:41:03 - [] ----D C:\Users\mickael\AppData\Local\Akamai
O44 - LFC:[MD5.A3F446F1E2B8C6ECE56F608FB32B8DC6] - 07/12/2014 - 02:07:00 ---A- . (.Microsoft Corporation - Outil de Registre de la console.) -- C:\Windows\System32\reg.exe [73216]
O58 - SDL:21/07/2014 - 17:08:16 --HA- . (.LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) -- C:\Windows\System32\Drivers\Hamdrv.sys [46136]
[HKCU\Software\Drivers]
O44 - LFC:[MD5.17E650E888D57AB51E9C3494E49A2045] - 07/12/2014 - 02:07:11 ---A- . (.Microsoft Corporation - Microsoft ® Console Based Script Host.) -- C:\Windows\System32\cscript.exe [158720]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD8EFBBE-564F-4C5B-8A66-3D7759CECE7E}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD8EFBBE-564F-4C5B-8A66-3D7759CECE7E}: DhcpNameServer = 8.8.8.8
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O61 - LFC: 07/12/2014 - 21:57:33 ---A- . (.Gameforge.) -- C:\Users\mickael\Downloads\SKILL_GameforgeLiveSetup.exe [20226640]
O61 - LFC: 07/12/2014 - 21:57:33 ---A- . (.Riot Games.) -- C:\Users\mickael\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe [30668968]
O61 - LFC: 07/12/2014 - 21:57:33 ---A- . (.Uniblue Systems Limited.) -- C:\Users\mickael\Downloads\pcmechanicpm (1).exe [1166272]
O61 - LFC: 07/12/2014 - 21:57:33 ---A- . (.Uniblue Systems Limited.) -- C:\Users\mickael\Downloads\pcmechanicpm.exe [1166272]
O61 - LFC: 08/12/2014 - 21:57:33 ---A- . (...) -- C:\Users\mickael\Downloads\DLLSuite (1).exe [7458816]
O61 - LFC: 08/12/2014 - 21:57:33 ---A- . (...) -- C:\Users\mickael\Downloads\DLLSuite_Setup.exe [16578402]
O61 - LFC: 08/12/2014 - 21:57:33 ---A- . (...) -- C:\Users\mickael\Downloads\MaConfig_win.exe [255880]
O61 - LFC: 08/12/2014 - 21:57:33 ---A- . (...) -- C:\Users\mickael\Downloads\camtasia_8-4-4_fr_10052.exe [258658104]
O61 - LFC: 08/12/2014 - 21:57:33 ---A- . (.Dll-Files.com.) -- C:\Users\mickael\Downloads\dffsetup-ntdll (1).exe [5344984]
O61 - LFC: 08/12/2014 - 21:57:33 ---A- . (.Dll-Files.com.) -- C:\Users\mickael\Downloads\dffsetup-ntdll.exe [5344984]
O61 - LFC: 08/12/2014 - 21:57:33 ---A- . (.SORCIM Technologies Pvt Ltd.) -- C:\Users\mickael\Downloads\reginout_setup.exe [2162624]
O61 - LFC: 10/12/2014 - 21:57:36 ---A- . (.Microsoft Corporation.) -- C:\Users\mickael\Downloads\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe [2721168]
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O4 - GS\Startup [mickael]: Gold Barre.lnk . (.Gold Barre - Gold Barre.) -- C:\Program Files\gold barre\Gold Barre.exe
O42 - Logiciel: Gold Barre - (...) [HKLM][64Bits] -- Gold Barre
[HKCU\Software\Gold Barre]
[HKCU\Software\Softonic]
O43 - CFD: 24/09/2014 - 18:56:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gold Barre
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Gold Barre]
[HKCU\Software\Softonic]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gold Barre
[HKCU\Software\Gold Barre]











