cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
[MD5.8E52B0C51A6C2D2CE7AAFFBABBA3A79C] - (.EPxkXPt4kjP1 - EPxkXPt4kjP1.) -- C:\Users\Irani\AppData\Local\Temp\ixplorer.exe [652800] [PID.1320]
[MD5.224F6B374852153C8C24BED141AE3A20] - (...) -- ystem32\rundll32.exe [0] [PID.1992]
R3 - URLSearchHook: SiteFinder - {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} . (...) (No version) -- (.not file.)
O3 - Toolbar: SiteFinder - [HKLM]{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} . (.Site Finder - Site Finder Toolbar.) -- C:\Program Files\SiteFinder\SiteFinder.dll
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Run: [HDD Regenerator] C:\Program Files\HDD Regenerator\Shell.exe (.not file.)
O4 - HKLM\..\Run: [5d874517e18515d82d8821782f5d2c02] . (.EPxkXPt4kjP1 - EPxkXPt4kjP1.) -- C:\Users\Irani\AppData\Local\Temp\ixplorer.exe
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Irani\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKCU\..\Run: [5d874517e18515d82d8821782f5d2c02] . (.EPxkXPt4kjP1 - EPxkXPt4kjP1.) -- C:\Users\Irani\AppData\Local\Temp\ixplorer.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-2044560941-3266968505-3744371477-1001\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Irani\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKUS\S-1-5-21-2044560941-3266968505-3744371477-1001\..\Run: [5d874517e18515d82d8821782f5d2c02] . (.EPxkXPt4kjP1 - EPxkXPt4kjP1.) -- C:\Users\Irani\AppData\Local\Temp\ixplorer.exe
O4 - HKUS\S-1-5-21-2044560941-3266968505-3744371477-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} . (...) -- C:\Program Files\SiteFinder\hotbtn.ico
[MD5.00000000000000000000000000000000] [APT] [4680] (...) -- C:\Users\Irani\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.A6F24B63928D22AC81892D227A62CAEF] [APT] [{DA397EE2-D7F5-49BE-9F29-F5DD63A7FD6A}] (.FileZilla Project.) -- C:\Program Files\FileZilla FTP Client\uninstall.exe [64687]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Polarstern]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Cimos]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\system32]
O43 - CFD: 1/23/2014 - 12:52:05 PM - [0] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 2/12/2014 - 6:52:38 AM - [0] ----D C:\Program Files\SimilarSites
O43 - CFD: 2/12/2014 - 10:12:00 PM - [1.228] ----D C:\Users\Irani\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 1/22/2014 - 6:18:12 PM - [31.255] ----D C:\Users\Irani\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 2/12/2014 - 6:52:32 AM - [0] ----D C:\Users\Irani\AppData\Roaming\SimilarSites
O43 - CFD: 2/7/2014 - 3:13:03 AM - [1.224] ----D C:\Users\Irani\AppData\Local\genienext
O45 - LFCP:[MD5.BEE17472C1F29C5D5048C176079CF236] - 1/22/2014 - 6:18:28 PM ---A- - C:\Windows\Prefetch\LATESTDLMGR.EXE-76F91E37.pf =>Adware.OpenCandy
O45 - LFCP:[MD5.796E6EA34FFFABB8D91F5E8824E8BDC9] - 2/7/2014 - 3:07:16 AM ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_FOR_FILE-S-4CEF43D7.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.EE8B34404A0A1E4ADEE9C1DBD087DFAC] - 2/7/2014 - 3:19:49 AM ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_FOR_HDD-RE-6CEFB8EF.pf =>Toolbar.Conduit
O61 - LFC: 2/12/2014 - 3:06:02 AM ---A- . (...) -- C:\Users\Irani\AppData\Roaming\newnext.me\nengine.cookie [3072] =>PUP.NextLive
O61 - LFC: 2/12/2014 - 3:06:02 AM ---A- . (.Softonic.) -- C:\Users\Irani\Downloads\Programs\SoftonicDownloader_for_avg-internet-security-2014.exe [401760] =>Toolbar.Conduit
O87 - FAEL: "{31EBE32B-71A1-4349-9060-A001AA7AE9B4}" | In - Private - P6 - TRUE | .(.EPxkXPt4kjP1 - EPxkXPt4kjP1.) -- C:\Users\Irani\AppData\Local\Temp\ixplorer.exe
O87 - FAEL: "{0F141BD5-91D0-45A3-A3B6-0F40323DE4A5}" | In - Private - P17 - TRUE | .(.EPxkXPt4kjP1 - EPxkXPt4kjP1.) -- C:\Users\Irani\AppData\Local\Temp\ixplorer.exe
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:mobilegeni daemon =>PUP.Mobogenie^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NextLive =>PUP.NextLive^
C:\Program Files\MyPC Backup =>PUP.MyPCBackup^
C:\Users\Irani\AppData\Roaming\newnext.me =>PUP.NextLive^
C:\Users\Irani\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Program Files\SimilarSites =>Adware.SimilarSites
C:\Users\Irani\AppData\Roaming\SimilarSites =>Adware.SimilarSites
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
C:\Users\Irani\AppData\Local\Temp\uninst1.exe =>PUP.Babylon

EmptyFlash
EmptyTemp
EmptyClsid
FirewallRaz
Proxyfix
SysRestore

Publicité


Signaler le contenu de ce document

Publicité