Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
Lignes indésirables :
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.Adware.SearchYa
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.Adware.SearchYa
[MD5.7F57B243ED1D2E8C29905FA3092E2E93] [APT] [Speedial] (...) -- C:\Users\Lyne\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe [99840] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\Tasks\Speedial.job [288] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\System32\Tasks\Speedial [288] =>Adware.Adware.SearchYa
O41 - Driver: ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys =>PUP.LinkiDoo
O42 - Logiciel: Speedial - (.Speedial.) [HKLM] -- Speedial =>Adware.Adware.SearchYa
[HKCU\Software\speedial] =>Adware.Adware.SearchYa
O43 - CFD: 11/05/2014 - 22:07:06 - [] ----D C:\Program Files\Speedial =>Adware.Adware.SearchYa
O43 - CFD: 11/05/2014 - 22:08:34 - [] ----D C:\Users\Lyne\AppData\Roaming\Speedial =>Adware.Adware.SearchYa
O44 - LFC:[MD5.17DA74F74B67BF7B1A3A88535D4D2291] - 09/05/2014 - 16:03:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [52920] =>PUP.LinkiDoo
O58 - SDL:09/05/2014 - 16:03:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [52920] =>PUP.LinkiDoo
O64 - Services: CurCS - 09/05/2014 - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw) .(.StdLib - StdLib.) - LEGACY_{9EDD0EA8-2819-47C2-8320-B007D5996F8A}GW =>PUP.LinkiDoo
O90 - PUC: "098CCE33084C42149BB5AB630E521B02" . (.FrameFox Extensions 1.0.7.0.) -- C:\windows\Installer\{33ECC890-C480-4124-B95B-BA36E025B120}\FrameFox.ico =>PUP.FrameFox
[MD5.5FF2B0F7835519063800D9F2DB535131] [WIS][22/08/2013] (.QwertyBox Team - FrameFox Extensions 1.0.7.0 Setup.) -- C:\Windows\Installer\495bf.msi [417792] =>PUP.FrameFox
HKLM\SOFTWARE\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
[HKCR\CLSID\{024BA55C-DA05-4FA5-AD24-5EA6D3C7C153}] (DuuquUpdate Update3Web) =>PUP.Duuqu
[HKCR\CLSID\{B6E89C52-A6C8-4839-A5D1-28A7A5EA46D9}] (Duuqu Update Core Class) =>PUP.Duuqu
[HKCR\CLSID\{D7BEC320-B746-4A47-B289-509214980E2B}] (Duuqu Update Legacy On Demand) =>PUP.Duuqu
[HKCR\CLSID\{D9438938-F924-4CE4-9E20-87E45C619862}] (SoftwareUpdater Class) =>PUP.Eorezo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speedial] =>Adware.Adware.SearchYa^
C:\Program Files\Speedial =>Adware.Adware.SearchYa^
C:\Users\Lyne\AppData\Roaming\Speedial =>Adware.Adware.SearchYa^
C:\Users\Lyne\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe =>Adware.Adware.SearchYa^
C:\Windows\Tasks\Speedial.job =>Adware.Adware.SearchYa^
C:\Windows\System32\Tasks\Speedial =>Adware.Adware.SearchYa^
[HKCU\Software\speedial] =>Adware.Adware.SearchYa^
C:\Windows\Installer\495bf.msi =>PUP.FrameFox^
[HKCR\CLSID\{024BA55C-DA05-4FA5-AD24-5EA6D3C7C153}] (DuuquUpdate Update3Web) =>PUP.Duuqu^
[HKCR\CLSID\{B6E89C52-A6C8-4839-A5D1-28A7A5EA46D9}] (Duuqu Update Core Class) =>PUP.Duuqu^
[HKCR\CLSID\{D7BEC320-B746-4A47-B289-509214980E2B}] (Duuqu Update Legacy On Demand) =>PUP.Duuqu^
[HKCR\CLSID\{D9438938-F924-4CE4-9E20-87E45C619862}] (SoftwareUpdater Class) =>PUP.Eorezo^
Lignes superflues ou inutiles :
Spybot - Search & Destroy v2.1.19 => Safer Networking Ltd - Spybot S&D
[MD5.09E9425AD8C61664A37ED84B8B58BDCF] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3830224] [PID.1236] => Spybot-S&D Cleaning
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320 => Safer-Networking Ltd. - Spybot - Search & Destroy
O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe => Spybot-S&D Cleaning
O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll => Safer Networking Ltd - Spybot S&D
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe => Spybot-S&D Cleaning
O41 - Driver: (archlp) . (. - .) - C:\Windows\System32\drivers\archlp.sys (.not file.) => Fichier absent
O43 - CFD: 12/08/2013 - 13:38:33 - [] ----D C:\Program Files\GUMDC2B.tmp => Google Inc - Google Update Manager
SR - | Auto 16/05/2013 1817560 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe => Spybot-S&D Cleaning
SR - | Auto 16/05/2013 1033688 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe => Spybot-S&D Cleaning
SR - | Auto 15/05/2013 171928 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe => Spybot-S&D Cleaning
Lignes d'optimisation du démarrage :
OPT:O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
Nettoyage complémentaire :
EmptyClsid
Ifeofix
Proxyfix
FirewallRaz
ShortcutFix
EmptyPrefetch
emptytemp
emptyflash
Lignes indésirables :
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.Adware.SearchYa
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.Adware.SearchYa
[MD5.7F57B243ED1D2E8C29905FA3092E2E93] [APT] [Speedial] (...) -- C:\Users\Lyne\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe [99840] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\Tasks\Speedial.job [288] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\System32\Tasks\Speedial [288] =>Adware.Adware.SearchYa
O41 - Driver: ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys =>PUP.LinkiDoo
O42 - Logiciel: Speedial - (.Speedial.) [HKLM] -- Speedial =>Adware.Adware.SearchYa
[HKCU\Software\speedial] =>Adware.Adware.SearchYa
O43 - CFD: 11/05/2014 - 22:07:06 - [] ----D C:\Program Files\Speedial =>Adware.Adware.SearchYa
O43 - CFD: 11/05/2014 - 22:08:34 - [] ----D C:\Users\Lyne\AppData\Roaming\Speedial =>Adware.Adware.SearchYa
O44 - LFC:[MD5.17DA74F74B67BF7B1A3A88535D4D2291] - 09/05/2014 - 16:03:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [52920] =>PUP.LinkiDoo
O58 - SDL:09/05/2014 - 16:03:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys [52920] =>PUP.LinkiDoo
O64 - Services: CurCS - 09/05/2014 - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw.sys ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw) .(.StdLib - StdLib.) - LEGACY_{9EDD0EA8-2819-47C2-8320-B007D5996F8A}GW =>PUP.LinkiDoo
O90 - PUC: "098CCE33084C42149BB5AB630E521B02" . (.FrameFox Extensions 1.0.7.0.) -- C:\windows\Installer\{33ECC890-C480-4124-B95B-BA36E025B120}\FrameFox.ico =>PUP.FrameFox
[MD5.5FF2B0F7835519063800D9F2DB535131] [WIS][22/08/2013] (.QwertyBox Team - FrameFox Extensions 1.0.7.0 Setup.) -- C:\Windows\Installer\495bf.msi [417792] =>PUP.FrameFox
HKLM\SOFTWARE\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
[HKCR\CLSID\{024BA55C-DA05-4FA5-AD24-5EA6D3C7C153}] (DuuquUpdate Update3Web) =>PUP.Duuqu
[HKCR\CLSID\{B6E89C52-A6C8-4839-A5D1-28A7A5EA46D9}] (Duuqu Update Core Class) =>PUP.Duuqu
[HKCR\CLSID\{D7BEC320-B746-4A47-B289-509214980E2B}] (Duuqu Update Legacy On Demand) =>PUP.Duuqu
[HKCR\CLSID\{D9438938-F924-4CE4-9E20-87E45C619862}] (SoftwareUpdater Class) =>PUP.Eorezo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speedial] =>Adware.Adware.SearchYa^
C:\Program Files\Speedial =>Adware.Adware.SearchYa^
C:\Users\Lyne\AppData\Roaming\Speedial =>Adware.Adware.SearchYa^
C:\Users\Lyne\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe =>Adware.Adware.SearchYa^
C:\Windows\Tasks\Speedial.job =>Adware.Adware.SearchYa^
C:\Windows\System32\Tasks\Speedial =>Adware.Adware.SearchYa^
[HKCU\Software\speedial] =>Adware.Adware.SearchYa^
C:\Windows\Installer\495bf.msi =>PUP.FrameFox^
[HKCR\CLSID\{024BA55C-DA05-4FA5-AD24-5EA6D3C7C153}] (DuuquUpdate Update3Web) =>PUP.Duuqu^
[HKCR\CLSID\{B6E89C52-A6C8-4839-A5D1-28A7A5EA46D9}] (Duuqu Update Core Class) =>PUP.Duuqu^
[HKCR\CLSID\{D7BEC320-B746-4A47-B289-509214980E2B}] (Duuqu Update Legacy On Demand) =>PUP.Duuqu^
[HKCR\CLSID\{D9438938-F924-4CE4-9E20-87E45C619862}] (SoftwareUpdater Class) =>PUP.Eorezo^
Lignes superflues ou inutiles :
Spybot - Search & Destroy v2.1.19 => Safer Networking Ltd - Spybot S&D
[MD5.09E9425AD8C61664A37ED84B8B58BDCF] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3830224] [PID.1236] => Spybot-S&D Cleaning
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320 => Safer-Networking Ltd. - Spybot - Search & Destroy
O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe => Spybot-S&D Cleaning
O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll => Safer Networking Ltd - Spybot S&D
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe => Spybot-S&D Cleaning
O41 - Driver: (archlp) . (. - .) - C:\Windows\System32\drivers\archlp.sys (.not file.) => Fichier absent
O43 - CFD: 12/08/2013 - 13:38:33 - [] ----D C:\Program Files\GUMDC2B.tmp => Google Inc - Google Update Manager
SR - | Auto 16/05/2013 1817560 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe => Spybot-S&D Cleaning
SR - | Auto 16/05/2013 1033688 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe => Spybot-S&D Cleaning
SR - | Auto 15/05/2013 171928 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe => Spybot-S&D Cleaning
Lignes d'optimisation du démarrage :
OPT:O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
Nettoyage complémentaire :
EmptyClsid
Ifeofix
Proxyfix
FirewallRaz
ShortcutFix
EmptyPrefetch
emptytemp
emptyflash