Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
SysRestore
[MD5.E2A09CE4D360A2DD5020B469D283E663] [APT] [Run_Bobby_Browser] (...) -- C:\Users\Martin\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) [324224] (.Activate.) =>PUP.Optional.BoBrowser
O39 - APT: crash_service - (...) -- C:\Windows\System32\Tasks\crash_service [324224] (.Orphan.) =>PUP.Optional.BoBrowser
O39 - APT: Run_Bobby_Browser - (...) -- C:\Windows\System32\Tasks\Run_Bobby_Browser
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Martin\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE (.not file.)
O4 - HKCU\..\Run: [CrashService] C:\Users\Martin\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser
O4 - HKCU\..\Run: [WindApp] C:\Users\Martin\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>.Superfluous.Nosibay
O4 - HKCU\..\Run: [Selection Tools] C:\Users\Martin\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>.Superfluous.Nosibay
O4 - HKLM\..\Wow6432Node\Run: [mpck_fr_017010146] (.Orphan.)
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [cacaoweb] . (...) -- C:\Users\Martin\AppData\Roaming\cacaoweb\cacaoweb.exe =>.Superfluous.CacaoWeb
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE (.not file.)
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [CrashService] C:\Users\Martin\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [WindApp] C:\Users\Martin\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>.Superfluous.Nosibay
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [Selection Tools] C:\Users\Martin\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>.Superfluous.Nosibay
G0 - GCSP: Preferences [User Data\Default][HomePage] http://bd.xingcloud.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://r.goo.mx
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.oursurfing.com =>PUP.Optional.OurSurfing
G0 - GCSP: Preferences [User Data\Default][HomePage] http://xa.xingcloud.com
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.oursurfing.com/
P2 - EXT: (.http://www.cacaoweb.org/ - cacaoweb.) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\wje088ex.default\extensions\cacaoweb@cacaoweb.org =>.Superfluous.CacaoWeb
O2 - BHO: IMinent WebBooster [64Bits] - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (.Orphan.)
O42 - Logiciel: Setup - (...) [HKLM][64Bits] -- {7ADF667E-E14D-4D2C-827C-B0108F0D93BC} =>PUP.Optional.DesktopPlay
O42 - Logiciel: Setup - (...) [HKLM][64Bits] -- {7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
C:\Program Files (x86)\Framed Display
O43 - CFD: 16/11/2015 - [] D -- C:\Program Files (x86)\Iminent
O43 - CFD: 09/10/2014 - [] D -- C:\ProgramData\APN =>Toolbar.Ask
C:\ProgramData\TempMoudleSet
O43 - CFD: 14/10/2014 - [] D -- C:\Users\Martin\AppData\Roaming\Astromenda
O43 - CFD: 16/11/2015 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\ScreenSnapshotTool
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("extensions.quick_start.enable_search1", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("extensions.xpiState", "{\"app-profile\":{\"cacaoweb@cacaoweb.org\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming[...] =>.Superfluous.CacaoWeb
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.LayoutId", "1"); =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}"); =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.adapters", "{\"widgets.livesticker.com\":{\"CountryCode\":\"FR\",\"NoAds\":false,\"Status\":2,\"AdapterKey\":\"[...] =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.cifs", "0"); =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"ad[...] =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.version", "9.38.3.2"); =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.versioning", "{\"CurrentVersion\":\"9.38.3.2\",\"InstallEventCTime\":1447696658785,\"InstallEvent\":\"True\"}")[...] =>PUP.Optional.IMBooster
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (oursurfing) - http://www.oursurfing.com/ =>PUP.Optional.OurSurfing
O69 - SBI: SearchScopes [HKLM] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (oursurfing) - http://www.oursurfing.com/ =>PUP.Optional.OurSurfing
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC} =>PUP.Optional.DesktopPlay
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\Conduit =>.Superfluous.Conduit
HKLM\SOFTWARE\Wow6432Node\Framed Display =>PUP.Optional.FramedDisplay
HKLM\SOFTWARE\Wow6432Node\ihpmserver =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Iminent =>PUP.Optional.IMBooster
HKLM\SOFTWARE\Wow6432Node\oursurfingSoftware =>PUP.Optional.OurSurfing
HKLM\SOFTWARE\Wow6432Node\RayDld =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser
HKCU\SOFTWARE\cacaoweb =>.Superfluous.CacaoWeb
HKCU\SOFTWARE\Conduit =>.Superfluous.Conduit
HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean
HKCU\SOFTWARE\Framed Display =>PUP.Optional.FramedDisplay
HKCU\SOFTWARE\Iminent =>PUP.Optional.IMBooster
HKCU\SOFTWARE\InstallCore =>Adware.InstallCore
HKCU\SOFTWARE\MustangExt =>.Superfluous.MustangBrowser
HKCU\SOFTWARE\Nosibay =>PUP.Optional.SPointer
HKCU\SOFTWARE\Store =>PUP.Optional.Generic
HKCU\SOFTWARE\TeleCharger =>.Superfluous.Downloader
HKCU\SOFTWARE\WTools =>.Superfluous.Nosibay
C:\Users\Martin\AppData\Roaming\Nosibay =>PUP.Optional.BubbleDock
C:\Users\Martin\AppData\Roaming\PDAppFlex =>Trojan.Elpman
C:\Users\Martin\AppData\Roaming\Store =>.Superfluous.Nosibay
C:\Users\Martin\AppData\Roaming\WTools =>.Superfluous.Nosibay
C:\Users\Martin\AppData\Local\CrashRpt =>.Superfluous.CrashReports
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} =>PUP.Optional.OurSurfing
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} =>PUP.Optional.OurSurfing
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
SysRestore
[MD5.E2A09CE4D360A2DD5020B469D283E663] [APT] [Run_Bobby_Browser] (...) -- C:\Users\Martin\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) [324224] (.Activate.) =>PUP.Optional.BoBrowser
O39 - APT: crash_service - (...) -- C:\Windows\System32\Tasks\crash_service [324224] (.Orphan.) =>PUP.Optional.BoBrowser
O39 - APT: Run_Bobby_Browser - (...) -- C:\Windows\System32\Tasks\Run_Bobby_Browser
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Martin\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE (.not file.)
O4 - HKCU\..\Run: [CrashService] C:\Users\Martin\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser
O4 - HKCU\..\Run: [WindApp] C:\Users\Martin\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>.Superfluous.Nosibay
O4 - HKCU\..\Run: [Selection Tools] C:\Users\Martin\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>.Superfluous.Nosibay
O4 - HKLM\..\Wow6432Node\Run: [mpck_fr_017010146] (.Orphan.)
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [cacaoweb] . (...) -- C:\Users\Martin\AppData\Roaming\cacaoweb\cacaoweb.exe =>.Superfluous.CacaoWeb
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE (.not file.)
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [CrashService] C:\Users\Martin\AppData\Local\BoBrowser\Application\crash_service.exe (.not file.) =>PUP.Optional.BoBrowser
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [WindApp] C:\Users\Martin\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>.Superfluous.Nosibay
O4 - HKUS\S-1-5-21-3883182004-1232709763-1425186247-1001\..\Run: [Selection Tools] C:\Users\Martin\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>.Superfluous.Nosibay
G0 - GCSP: Preferences [User Data\Default][HomePage] http://bd.xingcloud.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://r.goo.mx
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.oursurfing.com =>PUP.Optional.OurSurfing
G0 - GCSP: Preferences [User Data\Default][HomePage] http://xa.xingcloud.com
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.oursurfing.com/
P2 - EXT: (.http://www.cacaoweb.org/ - cacaoweb.) -- C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\wje088ex.default\extensions\cacaoweb@cacaoweb.org =>.Superfluous.CacaoWeb
O2 - BHO: IMinent WebBooster [64Bits] - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} (.Orphan.)
O42 - Logiciel: Setup - (...) [HKLM][64Bits] -- {7ADF667E-E14D-4D2C-827C-B0108F0D93BC} =>PUP.Optional.DesktopPlay
O42 - Logiciel: Setup - (...) [HKLM][64Bits] -- {7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
C:\Program Files (x86)\Framed Display
O43 - CFD: 16/11/2015 - [] D -- C:\Program Files (x86)\Iminent
O43 - CFD: 09/10/2014 - [] D -- C:\ProgramData\APN =>Toolbar.Ask
C:\ProgramData\TempMoudleSet
O43 - CFD: 14/10/2014 - [] D -- C:\Users\Martin\AppData\Roaming\Astromenda
O43 - CFD: 16/11/2015 - [] -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\ScreenSnapshotTool
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("extensions.quick_start.enable_search1", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("extensions.xpiState", "{\"app-profile\":{\"cacaoweb@cacaoweb.org\":{\"d\":\"C:\\\\Users\\\\Martin\\\\AppData\\\\Roaming[...] =>.Superfluous.CacaoWeb
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.LayoutId", "1"); =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}"); =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.adapters", "{\"widgets.livesticker.com\":{\"CountryCode\":\"FR\",\"NoAds\":false,\"Status\":2,\"AdapterKey\":\"[...] =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.cifs", "0"); =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"ad[...] =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.version", "9.38.3.2"); =>PUP.Optional.IMBooster
O69 - SBI: prefs.js [Martin - wje088ex.default] user_pref("iminent.versioning", "{\"CurrentVersion\":\"9.38.3.2\",\"InstallEventCTime\":1447696658785,\"InstallEvent\":\"True\"}")[...] =>PUP.Optional.IMBooster
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (oursurfing) - http://www.oursurfing.com/ =>PUP.Optional.OurSurfing
O69 - SBI: SearchScopes [HKLM] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (oursurfing) - http://www.oursurfing.com/ =>PUP.Optional.OurSurfing
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC} =>PUP.Optional.DesktopPlay
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\Clara =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\Conduit =>.Superfluous.Conduit
HKLM\SOFTWARE\Wow6432Node\Framed Display =>PUP.Optional.FramedDisplay
HKLM\SOFTWARE\Wow6432Node\ihpmserver =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Iminent =>PUP.Optional.IMBooster
HKLM\SOFTWARE\Wow6432Node\oursurfingSoftware =>PUP.Optional.OurSurfing
HKLM\SOFTWARE\Wow6432Node\RayDld =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\BoBrowser =>PUP.Optional.BoBrowser
HKCU\SOFTWARE\cacaoweb =>.Superfluous.CacaoWeb
HKCU\SOFTWARE\Conduit =>.Superfluous.Conduit
HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean
HKCU\SOFTWARE\Framed Display =>PUP.Optional.FramedDisplay
HKCU\SOFTWARE\Iminent =>PUP.Optional.IMBooster
HKCU\SOFTWARE\InstallCore =>Adware.InstallCore
HKCU\SOFTWARE\MustangExt =>.Superfluous.MustangBrowser
HKCU\SOFTWARE\Nosibay =>PUP.Optional.SPointer
HKCU\SOFTWARE\Store =>PUP.Optional.Generic
HKCU\SOFTWARE\TeleCharger =>.Superfluous.Downloader
HKCU\SOFTWARE\WTools =>.Superfluous.Nosibay
C:\Users\Martin\AppData\Roaming\Nosibay =>PUP.Optional.BubbleDock
C:\Users\Martin\AppData\Roaming\PDAppFlex =>Trojan.Elpman
C:\Users\Martin\AppData\Roaming\Store =>.Superfluous.Nosibay
C:\Users\Martin\AppData\Roaming\WTools =>.Superfluous.Nosibay
C:\Users\Martin\AppData\Local\CrashRpt =>.Superfluous.CrashReports
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} =>PUP.Optional.OurSurfing
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} =>PUP.Optional.OurSurfing