cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
[MD5.334D48A443D8BE60D2F53B26E6BC8B70] - (...) -- C:\Users\AMIN\AppData\Local\fst_fr_108\upfst_fr_108.exe [3264512] [PID.2892] =>PUA.FSTfr9
[MD5.0DCDA49BFFCD42D82EAEEFCB15BFA35C] - (...) -- C:\Program Files (x86)\fst_fr_124\fst_fr_124.exe [3985408] [PID.3248] =>PUA.FSTfr9
[MD5.3FE10E8516DB3F29817B03C5A446A3DA] - (.Cherished Technololgy LIMITED - WPM Service.) -- C:\ProgramData\WPM\wprotectmanager.exe [501904] [PID.1428] =>PUP.WpManager
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Cl� orpheline
O4 - GS\Accessories [AMIN]: Run.lnk - Cl� orpheline
O4 - GS\Desktop [AMIN]: Ordinateur - Raccourci.lnk - Cl� orpheline
O4 - GS\Desktop [AMIN]: Panneau de configuration - Raccourci.lnk - Cl� orpheline
O4 - GS\Startup [Public]: $McRebootA5E6DEAA56$.lnk - Cl� orpheline
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_124] . (...) -- C:\Program Files (x86)\fst_fr_124\fst_fr_124.exe =>PUA.FSTfr9
O4 - HKLM\..\Wow6432Node\RunOnce: [upfst_fr_108.exe] . (...) -- C:\Users\AMIN\AppData\Local\fst_fr_108\upfst_fr_108.exe =>PUA.FSTfr9
O23 - Service: Update FindRight (Update FindRight) . (...) - C:\Program Files (x86)\FindRight\updateFindRight.exe (.not file.) =>Hijacker.FindrToolbar
O23 - Service: Wpm Service (Wpm) . (.Cherished Technololgy LIMITED - WPM Service.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\bench-sys.job [342] =>PUP.GiganticSavings
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\bench-Updater removing.job [288] =>PUP.GiganticSavings
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\MySearchDial.job [288] =>Adware.MyWebSearch
[MD5.83F9FD1FD4B72219901CD9004AD06804] [APT] [bench-sys] (...) -- C:\Program Files (x86)\Bench\Updater\updater.exe [69120] =>PUP.GiganticSavings
[MD5.CBFFB477B24A1637086FCD08F93A1BA7] [APT] [MySearchDial] (...) -- C:\Users\AMIN\AppData\RoAMINg\MYSEAR~1\UPDATE~1\UPDATE~1.exe [109056] =>Adware.MyWebSearch
O42 - Logiciel: Mysearchdial - (.Mysearchdial.) [HKLM][64Bits] -- mysearchdial =>Adware.MyWebSearch
O42 - Logiciel: Savings Bull - (.Savings Bull.) [HKLM][64Bits] -- Level Quality Watcher =>PUP.SavingsBull
O42 - Logiciel: WPM17.8.0.3393 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- WPM =>PUP.WpManager
O42 - Logiciel: fst_fr_108 - (.free_soft_to_day.) [HKLM][64Bits] -- fst_fr_108_is1 =>PUA.FSTfr9
O42 - Logiciel: fst_fr_124 - (.FREESOFTTODAY.) [HKLM][64Bits] -- fst_fr_124_is1 =>PUA.FSTfr9
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Savings Bull] =>PUP.SavingsBull
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\mysearchdial.com] =>Adware.MyWebSearch
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKLM\Software\Savings Bull] =>PUP.SavingsBull
[HKLM\Software\Wow6432Node\Bench] =>PUP.GiganticSavings
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\FREESOFTTODAY] =>Adware.FreeSoftToday
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\MySearchDial] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\awesomehpSoftware] =>PUP.Awesomehp
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
O43 - CFD: 07/03/2014 - 20:42:40 - [0,425] ----D C:\Program Files (x86)\Bench =>PUP.GiganticSavings
O43 - CFD: 04/03/2014 - 18:52:02 - [4,445] ----D C:\Program Files (x86)\fst_fr_108 =>PUA.FSTfr9
O43 - CFD: 07/03/2014 - 16:45:46 - [4,878] ----D C:\Program Files (x86)\fst_fr_124 =>PUA.FSTfr9
O43 - CFD: 04/03/2014 - 17:19:29 - [2,357] ----D C:\Program Files (x86)\Mysearchdial =>Adware.MyWebSearch
O43 - CFD: 04/03/2014 - 17:22:49 - [0] ----D C:\Program Files (x86)\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 07/03/2014 - 20:48:22 - [0,489] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 07/03/2014 - 20:35:04 - [0] ----D C:\ProgramData\IePluginService =>Trojan.Trojan.SProtector
O43 - CFD: 04/03/2014 - 18:05:28 - [0,479] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 04/03/2014 - 18:10:21 - [0] ----D C:\Users\AMIN\AppData\Roaming\awesomehp =>PUP.Awesomehp
O43 - CFD: 04/03/2014 - 17:19:41 - [0,104] ----D C:\Users\AMIN\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 04/03/2014 - 18:05:27 - [0,489] ----D C:\Users\AMIN\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 13/03/2014 - 14:29:31 - [11,858] ----D C:\Users\AMIN\AppData\Local\fst_fr_108 =>PUA.FSTfr9
O43 - CFD: 07/03/2014 - 16:45:47 - [0] ----D C:\Users\AMIN\AppData\Local\fst_fr_124 =>PUA.FSTfr9
O43 - CFD: 04/03/2014 - 18:18:05 - [0] ----D C:\Users\AMIN\AppData\Local\Lollipop =>Adware.Lollipop
O43 - CFD: 06/03/2014 - 14:41:22 - [0,001] ----D C:\Users\AMIN\AppData\Local\Tuguu_SL =>PUP.VAFPlayer
O44 - LFC:[MD5.24C56D9D97371EC343278E862541B3ED] - 04/03/2014 - 17:19:31 ---A- . (.Systweak Inc., (www.systweak.com) - Regclean Pro.) -- C:\Windows\System32\roboot64.exe [20312] =>Rogue.RegistryPowerCleaner
O45 - LFCP:[MD5.64AF961EF9DE8DAAF40FE7CD6D5CAB86] - 04/03/2014 - 16:30:12 ---A- - C:\Windows\Prefetch\EBAY2.EXE-72CB60CC.pf =>Toolbar.eBay
O61 - LFC: 12/03/2014 - 15:05:00 ---A- . (...) -- C:\Users\AMIN\AppData\Local\fst_fr_124\fst_fr_124\1.10\cnf.cyl [180] =>PUA.FSTfr9
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [DefaultScope] - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (awesomehp) - http://www.awesomehp.com =>PUP.Awesomehp
SS - | Auto 10/07/1658 0 | (Update FindRight) . (...) - C:\Program Files (x86)\FindRight\updateFindRight.exe =>Hijacker.FindrToolbar
SR - | Auto 04/03/2014 501904 | (Wpm) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
[HKLM\SYSTEM\CurrentControlSet\Services\Update FindRight] =>Hijacker.FindrToolbar^
[HKLM\SYSTEM\CurrentControlSet\Services\Wpm] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Level Quality Watcher] =>PUP.SavingsBull^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_108_is1] =>PUA.FSTfr9^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_124_is1] =>PUA.FSTfr9^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS] =>Adware.Boxore
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\SpeedUpMyPC] =>Rogue.SpeedUpMyPC
[HKLM\Software\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_124 =>PUA.FSTfr9^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:upfst_fr_108.exe =>PUA.FSTfr9^
C:\Program Files (x86)\Bench =>PUP.GiganticSavings^
C:\Program Files (x86)\fst_fr_108 =>PUA.FSTfr9^
C:\Program Files (x86)\fst_fr_124 =>PUA.FSTfr9^
C:\Program Files (x86)\Mysearchdial =>Adware.MyWebSearch^
C:\Program Files (x86)\RegClean Pro =>Rogue.RegistryPowerCleaner^
C:\Program Files (x86)\SupTab =>PUP.SupTab^
C:\ProgramData\IePluginService =>Trojan.Trojan.SProtector^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\AMIN\AppData\Roaming\awesomehp =>PUP.Awesomehp^
C:\Users\AMIN\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
C:\Users\AMIN\AppData\Roaming\SupTab =>PUP.SupTab^
C:\Users\AMIN\AppData\Local\fst_fr_108 =>PUA.FSTfr9^
C:\Users\AMIN\AppData\Local\fst_fr_124 =>PUA.FSTfr9^
C:\Users\AMIN\AppData\Local\Lollipop =>Adware.Lollipop^
C:\Users\AMIN\AppData\Local\Tuguu_SL =>PUP.VAFPlayer^
C:\Program Files (x86)\Amazon Browser Bar =>Toolbar.Amazon
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\AMIN\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\AMIN\AppData\Local\Software =>Adware.Boxore
C:\Users\AMIN\AppData\Local\fst_fr_108\upfst_fr_108.exe =>PUA.FSTfr9^
C:\Program Files (x86)\fst_fr_124\fst_fr_124.exe =>PUA.FSTfr9^
C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager^
C:\Windows\Tasks\bench-sys.job =>PUP.GiganticSavings^
C:\Windows\Tasks\bench-Updater removing.job =>PUP.GiganticSavings^
C:\Windows\Tasks\MySearchDial.job =>Adware.MyWebSearch^
C:\Program Files (x86)\Bench\Updater\updater.exe =>PUP.GiganticSavings^
C:\Users\AMIN\AppData\RoAMINg\MYSEAR~1\UPDATE~1\UPDATE~1.exe =>Adware.MyWebSearch^
[HKCU\Software\AppDataLow\Software\Savings Bull] =>PUP.SavingsBull^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive^
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday^
[HKCU\Software\mysearchdial.com] =>Adware.MyWebSearch^
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\Savings Bull] =>PUP.SavingsBull^
[HKLM\Software\Wow6432Node\Bench] =>PUP.GiganticSavings^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\FREESOFTTODAY] =>Adware.FreeSoftToday^
[HKLM\Software\Wow6432Node\MySearchDial] =>Adware.MyWebSearch^
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\awesomehpSoftware] =>PUP.Awesomehp^
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\Users\AMIN\AppData\Local\Temp\nsrAFF1.exe =>Toolbar.Conduit
ShortcutFix
EmptyPrefetch
EmptyTemp
EmptyCLSID

Publicité


Signaler le contenu de ce document

Publicité