Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script zhpfix
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
G2 - GCE: Preference [User Data\Default] [bakijjialdiiboeaknfpmflphhmljfkd] Speedial v.9.4.25, (D�sactiv�) =>Adware.Adware.SearchYa
G2 - GCE: Preference [User Data\Default] [gaohomgkplmekmskucbkoskmmpgpmjgl] Websteroids v.2.6.53 (Activ�) =>PUP.TubeDimmer
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google�f�'�+�(TM)�f� â�'��"��f�'â�'�� �f¢â�s¬â�z¢�f�'�+�(TM)�f¢â�s¬�'� �f�'�'¢�f¢â�'�š�'¬�f¢â�'�ž�'¢�f�'�+�(TM)�f� â�'��"��f�'�'¢�f¢â�'�š�'¬�f�s�'� �f�'�+�(TM)�f�s�'¢�f�'�'¢�f¢â�s¬�...¡�f�s�'¬�f�'�'¢�f¢â�s¬�...¾�f�s�'¢�f�'�+�(TM)�f� â�'��"��f�'â�'�� �f¢â�s¬â�z¢�f�'�+�(TM)�f¢â�s¬�...¡�f�'â�'�š�f�s�'¢�f�'�+�(TM)�f� â�'��"��f�'â�'�š�f�s�'¢�f�'�+�(TM)�f�s�'¢�f�'�'¢�f¢â�s¬�...¡�f�s�'¬�f�'â�'�¦�f�s�'¡�f�'�+�(TM)�f¢â�s¬�...¡�f�'â�'�š�f�s�'¬�f�'�+�(TM)�f� â�'��"��f�'�'¢�f¢â�'�š�'¬�f�s�'¦�f�'�+�(TM)�f¢â�s¬�...¡�f�'â�'�š�f�s�'¡�f�'�+�(TM)�f� â�'��"��f�'â�'�� �f¢â�s¬â�z¢�f�'�+�(TM)�f¢â�s¬�'� �f�'�'¢�f¢â�'�š�'¬�f¢â�'�ž�'¢�f�'�+�(TM)�f� â�'��"��f�'â�'�š�f�s�'¢�f�'�+�(TM)�f�s�'¢�f�'�'¢�f¢â�'�š�'¬�f...�'¡�f�'â�'�š�f�s�'¬�f�'�+�(TM)�f¢â�s¬�'¦�f�'â�'�š�f�s�'¡�f�'�+�(TM)�f� â�'��"��f�'â�'�� �f¢â�s¬â�z¢�f�'�+�(TM)�f�s�'¢�f�'�'¢�f¢â�s¬�...¡�f�s�'¬�f�'â�'�¦�f�s�'¡�f�'�+ v.0.0.6.1 (Activ�)
R3 - URLSearchHook: UrlSearchHook Class [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (...) (No version) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
[MD5.00000000000000000000000000000000] [APT] [Speedial] (...) -- C:\Users\Sylvin\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\Tasks\Speedial.job [296] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\System32\Tasks\Speedial [296] =>Adware.Adware.SearchYa
O41 - Driver: ({2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys =>PUP.LinkiDoo
O41 - Driver: ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys =>PUP.LinkiDoo
[HKLM\Software\Wow6432Node\SWEETIM] =>PUP.SweetIM
O44 - LFC:[MD5.FF3721C757BC66C8702BFDBA977D345D] - 09/05/2014 - 16:03:36 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112] =>PUP.LinkiDoo
O44 - LFC:[MD5.1916FB37A1FB9CC5870C04339F5782BE] - 11/05/2014 - 16:58:53 ---A- . (.AVG - AVG WinLogon Extension.) -- C:\Windows\System32\authuitu.dll [29496]
O44 - LFC:[MD5.A4E7422692594013A1D7BFABAA59F225] - 11/05/2014 - 16:58:57 ---A- . (.AVG - AVG Registry Optimization Boot Application.) -- C:\Windows\System32\TURegOpt.exe [40248]
O51 - MPSK:{bc612551-2cfc-11e2-b23d-70f395568e67}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
O51 - MPSK:{ca21f79a-b792-11e2-aeeb-c80aa9cac065}\AutoRun\command. (...) -- G:\NokiaPCIA_Autorun.exe (.not file.)
O58 - SDL:24/04/2014 - 11:32:28 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys [61120] =>PUP.LinkiDoo
O58 - SDL:09/05/2014 - 16:03:36 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112] =>PUP.LinkiDoo
O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys ({2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64) .(.StdLib - StdLib.) - LEGACY_{2C976A7F-DBDC-4756-870F-F6D183FE7A7E}GW64 =>PUP.LinkiDoo
O64 - Services: CurCS - 09/05/2014 - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64) .(.StdLib - StdLib.) - LEGACY_{9EDD0EA8-2819-47C2-8320-B007D5996F8A}GW64 =>PUP.LinkiDoo
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {31090377-0740-419E-BEFC-A56E50500D5B} - (Speedial) - http://speedial.com =>Adware.Adware.SearchYa
O69 - SBI: SearchScopes [HKCU] {EC9091C3-7BAC-4F31-A259-1A38CD603264} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {FFC872DB-AA73-4093-9226-9FF838E5EB29} - (Ask Search) - http://www.search.ask.com
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWiseEnhance_RASAPI32 =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWiseEnhance_RASMANCS =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWiseEnhance_RASAPI32 =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWiseEnhance_RASMANCS =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseEnhance_RASAPI32 =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseEnhance_RASMANCS =>PUP.WiseEnhance
SR - | Demand 16/01/2014 289256 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
SR - | Auto 22/03/2014 2183992 | (TuneUp.UtilitiesSvc) . (.AVG.) - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
[HKLM\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd] =>Adware.Adware.SearchYa^
[HKLM\Software\Google\Chrome\Extensions\gaohomgkplmekmskucbkoskmmpgpmjgl] =>PUP.TubeDimmer^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Adware.ShopperReports
C:\Users\Sylvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd =>Adware.Adware.SearchYa^
C:\Users\Sylvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaohomgkplmekmskucbkoskmmpgpmjgl =>PUP.TubeDimmer^
C:\Windows\Tasks\Speedial.job =>Adware.Adware.SearchYa^
C:\Windows\System32\Tasks\Speedial =>Adware.Adware.SearchYa^
[HKLM\Software\Wow6432Node\SWEETIM] =>PUP.SweetIM^
C:\Users\Sylvin\Downloads\flvmplayer.exe =>PUP.Offerware
Emptytemp
Emptyflash
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
G2 - GCE: Preference [User Data\Default] [bakijjialdiiboeaknfpmflphhmljfkd] Speedial v.9.4.25, (D�sactiv�) =>Adware.Adware.SearchYa
G2 - GCE: Preference [User Data\Default] [gaohomgkplmekmskucbkoskmmpgpmjgl] Websteroids v.2.6.53 (Activ�) =>PUP.TubeDimmer
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google�f�'�+�(TM)�f� â�'��"��f�'â�'�� �f¢â�s¬â�z¢�f�'�+�(TM)�f¢â�s¬�'� �f�'�'¢�f¢â�'�š�'¬�f¢â�'�ž�'¢�f�'�+�(TM)�f� â�'��"��f�'�'¢�f¢â�'�š�'¬�f�s�'� �f�'�+�(TM)�f�s�'¢�f�'�'¢�f¢â�s¬�...¡�f�s�'¬�f�'�'¢�f¢â�s¬�...¾�f�s�'¢�f�'�+�(TM)�f� â�'��"��f�'â�'�� �f¢â�s¬â�z¢�f�'�+�(TM)�f¢â�s¬�...¡�f�'â�'�š�f�s�'¢�f�'�+�(TM)�f� â�'��"��f�'â�'�š�f�s�'¢�f�'�+�(TM)�f�s�'¢�f�'�'¢�f¢â�s¬�...¡�f�s�'¬�f�'â�'�¦�f�s�'¡�f�'�+�(TM)�f¢â�s¬�...¡�f�'â�'�š�f�s�'¬�f�'�+�(TM)�f� â�'��"��f�'�'¢�f¢â�'�š�'¬�f�s�'¦�f�'�+�(TM)�f¢â�s¬�...¡�f�'â�'�š�f�s�'¡�f�'�+�(TM)�f� â�'��"��f�'â�'�� �f¢â�s¬â�z¢�f�'�+�(TM)�f¢â�s¬�'� �f�'�'¢�f¢â�'�š�'¬�f¢â�'�ž�'¢�f�'�+�(TM)�f� â�'��"��f�'â�'�š�f�s�'¢�f�'�+�(TM)�f�s�'¢�f�'�'¢�f¢â�'�š�'¬�f...�'¡�f�'â�'�š�f�s�'¬�f�'�+�(TM)�f¢â�s¬�'¦�f�'â�'�š�f�s�'¡�f�'�+�(TM)�f� â�'��"��f�'â�'�� �f¢â�s¬â�z¢�f�'�+�(TM)�f�s�'¢�f�'�'¢�f¢â�s¬�...¡�f�s�'¬�f�'â�'�¦�f�s�'¡�f�'�+ v.0.0.6.1 (Activ�)
R3 - URLSearchHook: UrlSearchHook Class [64Bits] - {00000000-6E41-4FD3-8538-502F5495E5FC} . (...) (No version) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
[MD5.00000000000000000000000000000000] [APT] [Speedial] (...) -- C:\Users\Sylvin\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\Tasks\Speedial.job [296] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\System32\Tasks\Speedial [296] =>Adware.Adware.SearchYa
O41 - Driver: ({2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys =>PUP.LinkiDoo
O41 - Driver: ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys =>PUP.LinkiDoo
[HKLM\Software\Wow6432Node\SWEETIM] =>PUP.SweetIM
O44 - LFC:[MD5.FF3721C757BC66C8702BFDBA977D345D] - 09/05/2014 - 16:03:36 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112] =>PUP.LinkiDoo
O44 - LFC:[MD5.1916FB37A1FB9CC5870C04339F5782BE] - 11/05/2014 - 16:58:53 ---A- . (.AVG - AVG WinLogon Extension.) -- C:\Windows\System32\authuitu.dll [29496]
O44 - LFC:[MD5.A4E7422692594013A1D7BFABAA59F225] - 11/05/2014 - 16:58:57 ---A- . (.AVG - AVG Registry Optimization Boot Application.) -- C:\Windows\System32\TURegOpt.exe [40248]
O51 - MPSK:{bc612551-2cfc-11e2-b23d-70f395568e67}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
O51 - MPSK:{ca21f79a-b792-11e2-aeeb-c80aa9cac065}\AutoRun\command. (...) -- G:\NokiaPCIA_Autorun.exe (.not file.)
O58 - SDL:24/04/2014 - 11:32:28 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys [61120] =>PUP.LinkiDoo
O58 - SDL:09/05/2014 - 16:03:36 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112] =>PUP.LinkiDoo
O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys ({2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64) .(.StdLib - StdLib.) - LEGACY_{2C976A7F-DBDC-4756-870F-F6D183FE7A7E}GW64 =>PUP.LinkiDoo
O64 - Services: CurCS - 09/05/2014 - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64) .(.StdLib - StdLib.) - LEGACY_{9EDD0EA8-2819-47C2-8320-B007D5996F8A}GW64 =>PUP.LinkiDoo
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {31090377-0740-419E-BEFC-A56E50500D5B} - (Speedial) - http://speedial.com =>Adware.Adware.SearchYa
O69 - SBI: SearchScopes [HKCU] {EC9091C3-7BAC-4F31-A259-1A38CD603264} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {FFC872DB-AA73-4093-9226-9FF838E5EB29} - (Ask Search) - http://www.search.ask.com
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWiseEnhance_RASAPI32 =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWiseEnhance_RASMANCS =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWiseEnhance_RASAPI32 =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWiseEnhance_RASMANCS =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseEnhance_RASAPI32 =>PUP.WiseEnhance
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseEnhance_RASMANCS =>PUP.WiseEnhance
SR - | Demand 16/01/2014 289256 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
SR - | Auto 22/03/2014 2183992 | (TuneUp.UtilitiesSvc) . (.AVG.) - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
[HKLM\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd] =>Adware.Adware.SearchYa^
[HKLM\Software\Google\Chrome\Extensions\gaohomgkplmekmskucbkoskmmpgpmjgl] =>PUP.TubeDimmer^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{00000000-6E41-4FD3-8538-502F5495E5FC} =>Adware.ShopperReports
C:\Users\Sylvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd =>Adware.Adware.SearchYa^
C:\Users\Sylvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaohomgkplmekmskucbkoskmmpgpmjgl =>PUP.TubeDimmer^
C:\Windows\Tasks\Speedial.job =>Adware.Adware.SearchYa^
C:\Windows\System32\Tasks\Speedial =>Adware.Adware.SearchYa^
[HKLM\Software\Wow6432Node\SWEETIM] =>PUP.SweetIM^
C:\Users\Sylvin\Downloads\flvmplayer.exe =>PUP.Offerware
Emptytemp
Emptyflash