cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
G1 - GCS: Preference [User Data\Default] http://www.qlubic.fr
G0 - GCSP: Preference [User Data\Default] , "http://mysearch.avg.com =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [fjhemikjhppjfegmmielgmgfonmbfglb] Utility Chest v.5.53.2.59707, (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [fkfheeioeeodjkkdeeafdkainbdmleef] Webexp Enhanced v.1.1 (D�sactiv�) =>PUP.WebexpEnhanced
G2 - GCE: Preference [User Data\Default] [mmifolfpllfdhilecpdpmemhelmanajl] Better Surf Plus v.1.1 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google\u00C2 Wallet v.0.0.6.0 (Activ�)
G2 - GCE: Preference [User Data\Default] [pjpeoeonpjkelaeiaedjdedkbeeedgld] Isavver v.4.6 (Activ�)
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\patwujo9.default\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\patwujo9.default\searchplugins\BitGuard.xml =>PUP.BitGuard
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\espacesimo.xml
M2 - MFEP: prefs.js [Administrateur - patwujo9.default\az.fl5@ddszibsqb.edu] [] EExstraCOUpon v4.3 (..)
M2 - MFEP: prefs.js [Administrateur - patwujo9.default\eyoecsuk@wa-.org] [] Isavver v4.6 (..)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qlubic.fr
O2 - BHO: Isavver - {07CEBE6B-6DBD-9B7D-6FAD-8477FB1AB41E} . (...) -- C:\Documents and Settings\All Users\Application Data\Isavver\uh2wwaxt.dll
O2 - BHO: EExstraCOUpon - {DB2D38EB-6C66-D34C-28CE-FCD7193D6864} . (...) -- C:\Documents and Settings\All Users\Application Data\EExstraCOUpon\cXt.dll
O4 - HKLM\..\Run: [snpstd3] . (.Pas de propri�taire - CameraMonitor Application.) -- C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] Cl� orpheline
O4 - HKLM\..\Run: [T14Z405] . (...) -- C:\WINDOWS\sa-77400.exe
O4 - HKLM\..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (.not file.)
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [T1136400TT4] . (...) -- C:\WINDOWS\system32\440510201528l.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] Cl� orpheline
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] Cl� orpheline
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] Cl� orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] Cl� orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] Cl� orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] Cl� orpheline
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] Cl� orpheline
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] Cl� orpheline
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] Cl� orpheline
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Cl� orpheline
O23 - Service: Performance Optimizer (035d80ae) . (...) - c:\docume~1\alluse~1\applic~1\perfor~1\PerformanceOptimizerSvc.dll
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AmiUpdXp.job [432] =>PUP.Software.Updater
[MD5.12C6E72F197AA30823F2A1F675A49259] [APT] [AmiUpdXp] (.Amonetiz� Ltd.) -- C:\Documents and Settings\Administrateur\Application Data\SwvUpdater\Updater.exe [291880] =>PUP.Software.Updater
O42 - Logiciel: Downlloadd. keeepeR - (.DownlloAd, kkeepeR.) [HKLM] -- {C1A27135-69EB-8D44-7358-34727DD7B820} =>PUP.DownloadKeeper
O42 - Logiciel: Performance Optimizer - (.Winteam.) [HKLM] -- {5F189DF5-2D05-472B-9091-84D9848AE48B}{35d80ae}
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader

[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr

[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Softonic] =>Toolbar.Conduit

[HKCU\Software\?? ?? ???? ????? ??? ?? ????]
[HKLM\Software\BetterSurf] =>PUP.BetterSurf
[HKLM\Software\BrowseFox] =>Adware.BrowseFox
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\SProtector] =>PUP.Mocaflix
[HKLM\Software\babylontoolbar] =>PUP.Babylon
O43 - CFD: 10/12/2013 - 18:48:52 - [0,118] ----D C:\Program Files\BetterSurf =>PUP.BetterSurf

O43 - CFD: 08/01/2014 - 08:21:52 - [2,935] ----D C:\Program Files\PutLockerDownloader =>Spyware.PutLocker
O43 - CFD: 27/12/2013 - 11:03:58 - [0] ----D C:\Program Files\ss helper =>Adware.SaveShare
O43 - CFD: 27/12/2013 - 11:03:58 - [0] ----D C:\Program Files\Ss.Helper =>Adware.SaveShare
O43 - CFD: 18/09/2013 - 22:54:57 - [0] ----D C:\Documents and Settings\All Users\Application Data\Babylon =>PUP.Babylon
O43 - CFD: 20/09/2013 - 00:13:10 - [0,082] ----D C:\Documents and Settings\All Users\Application Data\BitGuard =>PUP.BitGuard
O43 - CFD: 20/10/2013 - 10:02:41 - [0,425] ----D C:\Documents and Settings\All Users\Application Data\Downlloadd. keeepeR =>PUP.DownloadKeeper
O43 - CFD: 19/09/2013 - 12:21:09 - [0] ----D C:\Documents and Settings\All Users\Application Data\saavEnnShharE =>Adware.SaveShare
O43 - CFD: 20/09/2013 - 00:01:53 - [3,969] ----D C:\Documents and Settings\Administrateur\Application Data\AdbDriverInstaller
O43 - CFD: 18/09/2013 - 22:54:57 - [0,006] ----D C:\Documents and Settings\Administrateur\Application Data\Babylon =>PUP.Babylon
O43 - CFD: 17/11/2013 - 16:33:08 - [5,003] ----D C:\Documents and Settings\Administrateur\Application Data\OpenCandy =>Adware.OpenCandy
O43 - CFD: 18/11/2013 - 21:12:47 - [0,281] ----D C:\Documents and Settings\Administrateur\Application Data\SwvUpdater =>PUP.Software.Updater
O43 - CFD: 08/01/2014 - 16:23:06 - [0,220] ----D C:\Documents and Settings\Administrateur\Menu D�marrer\Programmes\PutLockerDownloader.com =>Spyware.PutLocker
O44 - LFC:[MD5.C2B34C77C806245619918B3618E2D0CD] - 04/01/2014 - 23:08:58 -SH-- . (...) -- C:\WINDOWS\Ti201528ta.exe [32768]
O44 - LFC:[MD5.C2B34C77C806245619918B3618E2D0CD] - 04/01/2014 - 23:08:58 -SH-- . (...) -- C:\WINDOWS\sa-077400.exe [32768]
O44 - LFC:[MD5.C2B34C77C806245619918B3618E2D0CD] - 04/01/2014 - 23:08:58 -SH-- . (...) -- C:\WINDOWS\sa-77400.exe [32768]
O47 - AAKE:Key Export SP - "H:\vous Porn.exe" [Enabled] .(...) -- H:\vous Porn.exe (.not file.)

O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("aol_toolbar.default.homepage.check", false);
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("aol_toolbar.default.search.check", false);
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.BabylonToolbar.prtkDS", 0); =>PUP.Babylon
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.BabylonToolbar.prtkHmpg", 0); =>PUP.Babylon
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.bbDpng", "21");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.cntry", "DZ");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.dfltLng", "fr");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.hdrMd5", "69F178C5ED99EC8301EFBC57B6E0FB37");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.id", "0c1194140000000000008c89a5ca8335");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.instlDay", "15967");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.lastVrsnTs", "1.8.24.623:13:22");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.vrsn", "1.8.24.6");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.vrsnTs", "1.8.24.623:13:22");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta.vrsni", "1.8.24.6");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta_i.babExt", "");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta_i.babTrack", "affID=119776&tt=160913_m3&tsp=5010");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("extensions.delta_i.srcExt", "ss");
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("sweetim.toolbar.previous.keyword.URL", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*"); =>PUP.SweetIM
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1"); =>PUP.SweetIM
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1"); =>PUP.SweetIM
O69 - SBI: prefs.js [Administrateur - patwujo9.default] user_pref("sweetim.toolbar.searchguard.enable", "false"); =>PUP.SweetIM
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web) - http://http://www.golsearch.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {4FC1B895-E129-4345-B101-CF4EF5EF80C8} - (Google) - http://www.qlubic.fr


[HKLM\Software\Google\Chrome\Extensions\fkfheeioeeodjkkdeeafdkainbdmleef] =>PUP.WebexpEnhanced^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C1A27135-69EB-8D44-7358-34727DD7B820}] =>PUP.DownloadKeeper^
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}] =>Adware.AdRotator
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}] =>PUP.Software.Updater
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater
[HKLM\Software\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater
[HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKLM\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\SP Global] =>PUP.AdvancedSystemProtector
[HKCU\Software\AppDataLow\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}] =>PUP.Software.Updater
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\PutLockerDownloader] =>Spyware.PutLocker
[HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKCU\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311}] =>Adware.SaveShare
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fkfheeioeeodjkkdeeafdkainbdmleef =>PUP.WebexpEnhanced^
C:\Program Files\BetterSurf =>PUP.BetterSurf^
C:\Program Files\PutLockerDownloader =>Spyware.PutLocker^
C:\Program Files\ss helper =>Adware.SaveShare^
C:\Program Files\Ss.Helper =>Adware.SaveShare^
C:\Documents and Settings\All Users\Application Data\Babylon =>PUP.Babylon^
C:\Documents and Settings\All Users\Application Data\BitGuard =>PUP.BitGuard^
C:\Documents and Settings\All Users\Application Data\Downlloadd. keeepeR =>PUP.DownloadKeeper^
C:\Documents and Settings\All Users\Application Data\saavEnnShharE =>Adware.SaveShare^
C:\Documents and Settings\Administrateur\Application Data\Babylon =>PUP.Babylon^
C:\Documents and Settings\Administrateur\Application Data\OpenCandy =>Adware.OpenCandy^
C:\Documents and Settings\Administrateur\Application Data\SwvUpdater =>PUP.Software.Updater^
C:\Documents and Settings\Administrateur\Menu D�marrer\Programmes\PutLockerDownloader.com =>Spyware.PutLocker^
C:\Program Files\UtilityChest_49 Chrome Extension =>Adware.MyWebSearch
C:\Documents and Settings\All Users\Application Data\InstallMate =>PUP.Tarma
C:\WINDOWS\Tasks\AmiUpdXp.job =>PUP.Software.Updater^
C:\Documents and Settings\Administrateur\Application Data\SwvUpdater\Updater.exe =>PUP.Software.Updater^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKLM\Software\BetterSurf] =>PUP.BetterSurf^
[HKLM\Software\BrowseFox] =>Adware.BrowseFox^
[HKLM\Software\babylontoolbar] =>PUP.Babylon^

EmptyCLSID
ShortcutFix
FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore

Publicité


Signaler le contenu de ce document

Publicité