Document format: text/plain

Script ZHPFix
[MD5.70EB41A4417BA0AA36AE12BF2B4D98F6] - (...) -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [244960] [PID.2248] =>Adware.Zugo
G1 - GCS: Preference [User Data\Default] http://search.tb.ask.com
G2 - GCE: Preference [User Data\Default] [gjngjhikmffiafannjcjkdediacimkmk] RadioRage v.5.81.3.12825, (Désactivé)
G2 - GCE: Preference [User Data\Default] [iechpocbkaimjmlpfinoahkolenfdmig] Red Crucible 2 v.1.6 (Activé)
G2 - GCE: Preference [User Data\Default] [lpgcdchhknbljifbmnkbpnhnomonjaei] Facebook événement Inviter rapide v.4.0 (Activé)
G2 - GCE: Preference [User Data\Default] [mmclgeiaglomndjkoanmfchooefjhnki] Facebook Chat Pro v.1.0.0.10, (Activé)
G2 - GCE: Preference [User Data\Default] [nccllfnllopfpcbjdgjdlfmomnfgnnbk] MultiLogin v.0.1620 (Activé)
G2 - GCE: Preference [User Data\Default] [pcgjnifdiefhdmgignhfmecbpjbpplmj] Télécharger la vidéo v.3.1 (Désactivé)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D7F26D0E-9801-45C3-A091-8A65E4ED73B5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} Clé orpheline
O4 - GS\TaskBar [moi]: فيس بوك.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.facebook.com =>Hijacker.Browsers
O4 - GS\Program [moi]: Google.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.google.dz =>Hijacker.Browsers
O4 - GS\Program [moi]: فيس بوك.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.facebook.com =>Hijacker.Browsers
O4 - HKLM\..\Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.)
O4 - HKLM\..\Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.)
O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.)
O4 - HKLM\..\Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe (.not file.)
O4 - HKLM\..\Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\moi\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe (.not file.)
O4 - HKCU\..\Run: [65c2cc71c10e598e01721028dcd4bebb] . (...) -- C:\Users\moi\AppData\Local\Temp\dggh.exe
O4 - HKCU\..\Run: [Auto Hide IP] C:\Program Files (x86)\AutoHideIP\AutoHideIP.exe (.not file.)
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Intel\Logs\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [242b66c33cdb3ef101557abd8c8578df] . (...) -- C:\Users\moi\AppData\Local\Temp\smdf.exe
O4 - HKUS\S-1-5-21-1442010725-398429167-2410955076-1000\..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe (.not file.)
O4 - HKUS\S-1-5-21-1442010725-398429167-2410955076-1000\..\Run: [65c2cc71c10e598e01721028dcd4bebb] . (...) -- C:\Users\moi\AppData\Local\Temp\dggh.exe
O4 - HKUS\S-1-5-21-1442010725-398429167-2410955076-1000\..\Run: [Auto Hide IP] C:\Program Files (x86)\AutoHideIP\AutoHideIP.exe (.not file.)
O4 - HKUS\S-1-5-21-1442010725-398429167-2410955076-1000\..\Run: [242b66c33cdb3ef101557abd8c8578df] . (...) -- C:\Users\moi\AppData\Local\Temp\smdf.exe
O23 - Service: RadioRageService (RadioRage_4jService) . (.COMPANYVERS_NAME - PRODUCTVERS_TITLE.) - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe
O23 - Service: Updater Service for StartNow Toolbar (Updater Service for StartNow Toolbar) . (...) - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe =>Adware.Zugo
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AmiUpdXp.job [348] =>PUP.Software.Updater
[MD5.00000000000000000000000000000000] [APT] [AmiUpdXp] (...) -- C:\Users\moi\AppData\Local\SwvUpdater\Updater.exe (.not file.) [0] =>PUP.Software.Updater
[MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0] =>GoforFiles
O42 - Logiciel: herdProtect Anti-Malware Scanner - (.Reason Company Software Inc..) [HKLM][64Bits] -- herdProtectScan =>Trojan.Trojan.Staser
[HKCU\Software\APN PIP]
[HKCU\Software\BIFROST1.2]
[HKCU\Software\RadioRage_4j]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\RadioRage_4j]
[HKLM\Software\Wow6432Node\StartNow Toolbar] =>Adware.Zugo
[HKLM\Software\Wow6432Node\The Game Assembly]
O43 - CFD: 19/11/2011 - 20:19:24 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 19/10/2013 - 07:48:15 - [9,080] ----D C:\Program Files (x86)\RadioRage_4j
O43 - CFD: 04/01/2013 - 22:38:24 - [3,071] ----D C:\Program Files (x86)\StartNow Toolbar =>Adware.Zugo
O43 - CFD: 19/12/2013 - 23:04:59 - [4,348] ----D C:\Users\moi\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 15/11/2013 - 13:14:41 - [0] ----D C:\Users\moi\AppData\Local\Conduit
O43 - CFD: 12/11/2013 - 19:22:43 - [0,003] ----D C:\Users\moi\AppData\Local\iLivid =>Adware.Bandoo
O69 - SBI: SearchScopes [HKCU] {414FB412-3F12-4188-857A-878096526E7C} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
O69 - SBI: SearchScopes [HKCU] {B56BB3AD-E816-406A-AA9C-D8D0CACC8DEE} - (Protection ZoneAlarm Customized Web Search) - http://search.conduit.com
[MD5.C7C1521451ED6741EA59E05B4515ADCA] [SPRF][08/04/2005] (...) -- C:\Users\moi\AppData\Roaming\logs.dat [92]
O87 - FAEL: "{C337C470-EB71-4748-BF49-019D07BF875C}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\goforfilesdl.exe (.not file.) =>GoforFiles
O87 - FAEL: "{777AD3BA-215D-46E5-98CF-8B998286349C}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\goforfilesdl.exe (.not file.) =>GoforFiles
O87 - FAEL: "{9DAF7643-A733-4F53-A755-CA8C61CB01C5}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\GoforFiles.exe (.not file.) =>GoforFiles
O87 - FAEL: "{A8D4C048-E76E-4861-9627-BF9E2C9F5190}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\GoforFiles.exe (.not file.) =>GoforFiles
[HKCU\Software\242b66c33cdb3ef101557abd8c8578df]:2b3328e57676df442688f81f9824276a="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNI
[HKCU\Software\242b66c33cdb3ef101557abd8c8578df]:5546459fd68bf16831797d2aa2e7d569="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNI
[HKCU\Software\242b66c33cdb3ef101557abd8c8578df]:682dfec8c66a0de6f1475ca73c462a69="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNI
[HKCU\Software\242b66c33cdb3ef101557abd8c8578df]:f8c065f4e758233f0d12dc9b8cf7a2ce="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNI
SR - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SR - | Auto 19/10/2013 44752 | (RadioRage_4jService) . (.COMPANYVERS_NAME.) - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe
SR - | Auto 25/10/2011 244960 | (Updater Service for StartNow Toolbar) . (...) - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe =>Adware.Zugo
[HKLM\SYSTEM\CurrentControlSet\Services\Updater Service for StartNow Toolbar] =>Adware.Zugo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\herdProtectScan] =>Trojan.Trojan.Staser^
[HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] =>Toolbar.Agent
[HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater
[HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKCU\Software\BIFROST1.2] =>Backdoor.Bifrose
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}] =>PUP.Software.Updater
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FDE58148-57E7-43BF-879A-29CCE818C078}] =>Toolbar.eBay
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Classes\Installer\Features\84185EDF7E75FB3478A992CC8E810C87] =>Toolbar.eBay
[HKLM\Software\Classes\Installer\Products\84185EDF7E75FB3478A992CC8E810C87] =>Toolbar.eBay
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\84185EDF7E75FB3478A992CC8E810C87] =>Toolbar.eBay
[HKLM\Software\Wow6432Node\Classes\Installer\Features\84185EDF7E75FB3478A992CC8E810C87] =>Toolbar.eBay
[HKLM\Software\Wow6432Node\Classes\Installer\Products\84185EDF7E75FB3478A992CC8E810C87] =>Toolbar.eBay
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5848763C-2668-44CA-ADBE-2999A6EE2858}] =>Toolbar.RadioRage
[HKLM\Software\Classes\Toolbar.CT2613520] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2613520] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}] =>Toolbar.Conduit^
C:\Program Files (x86)\StartNow Toolbar =>Adware.Zugo^
C:\Users\moi\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\moi\AppData\Local\iLivid =>Adware.Bandoo^
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\RadioRage_4j =>Toolbar.RadioRage
C:\Users\moi\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\moi\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\moi\AppData\LocalLow\RadioRage_4j =>Toolbar.RadioRage
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe =>Adware.Zugo^
C:\Windows\Tasks\AmiUpdXp.job =>PUP.Software.Updater^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\StartNow Toolbar] =>Adware.Zugo^
C:\Users\moi\AppData\Local\Temp\conduitinstaller.exe =>Toolbar.Conduit
C:\Users\moi\AppData\Local\Temp\tbPro2.dll =>Toolbar.Conduit

EmptyFlash
EmptyTemp
EmptyClsid
FirewallRaz
Proxyfix
SysRestore
