Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
Lignes indésirables :
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com =>PUP.SweetPage
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:53006;https=127.0.0.1:53006 =>Hijacker.Proxy
O2 - BHO: (no name) [64Bits] - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} Clé orpheline => Adware.IMBooster
O4 - GS\Desktop [Public]: SpeedUpMyPC.lnk . (.Uniblue Systems Limited - Uniblue SpeedUpMyPC.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe =>PUP.SpeedUpMyPC
O4 - GS\QuickLaunch [SECURITEPRIVEE]: SpeedUpMyPC.lnk . (.Uniblue Systems Limited - Uniblue SpeedUpMyPC.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe =>PUP.SpeedUpMyPC
O4 - GS\Desktop [SECURITEPRIVEE]: FLVM Player.lnk . (...) -- C:\Program Files (x86)\FLVM Player\FLVMPlayer.exe =>PUP.FLVMPlayer
O4 - GS\Desktop [SECURITEPRIVEE]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Desktop [SECURITEPRIVEE]: Sync Folder.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Startup [SECURITEPRIVEE]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
O23 - Service: Wajam Internet Enhancer Service (Wajam Internet Enhancer Service) . (.Wajam Internet Technologies Inc. - Wajam Internet Enhancer Service.) - C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe =>PUP.Wajam
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
[MD5.00000000000000000000000000000000] [APT] [ASP] (...) -- C:\Program Files (x86)\RCP\systweakasp.exe (.not file.) [0] => Infection PUP
[MD5.E412DE53DD9AC2EE3DE6EDF5474B9DCE] [APT] [LaunchApp] (.MyPCBackup.com.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [3143264] =>PUP.MyPCBackup
[MD5.0F7C23BF8F1A0D5E6E43586ADF66C610] [APT] [SpeedUpMyPC Maintenance] (.Uniblue Systems Limited.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [4140888] =>PUP.SpeedUpMyPC
[MD5.0F7C23BF8F1A0D5E6E43586ADF66C610] [APT] [SpeedUpMyPC Startup] (.Uniblue Systems Limited.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [4140888] =>PUP.SpeedUpMyPC
O39 - APT: SpeedUpMyPC Maintenance - (.Uniblue Systems Limited.) -- C:\Windows\Tasks\SpeedUpMyPC Maintenance.job [308] =>PUP.SpeedUpMyPC
O39 - APT: SpeedUpMyPC Maintenance - (.Uniblue Systems Limited.) -- C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance [308] =>PUP.SpeedUpMyPC
O39 - APT: SpeedUpMyPC Startup - (.Uniblue Systems Limited.) -- C:\Windows\Tasks\SpeedUpMyPC Startup.job [302] =>PUP.SpeedUpMyPC
O39 - APT: SpeedUpMyPC Startup - (.Uniblue Systems Limited.) -- C:\Windows\System32\Tasks\SpeedUpMyPC Startup [302] =>PUP.SpeedUpMyPC
O41 - Driver: ({16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64.sys =>PUP.LinkiDoo
O41 - Driver: ({7afe3a9e-a637-49a8-9084-bf73405b41b6}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{7afe3a9e-a637-49a8-9084-bf73405b41b6}Gw64.sys =>PUP.LinkiDoo
O42 - Logiciel: MyPC Backup - (.JDi Backup Ltd.) [HKLM][64Bits] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: SpeedUpMyPC - (.Uniblue Systems Limited.) [HKLM][64Bits] -- {E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 =>PUP.SpeedUpMyPC
O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam =>PUP.Wajam
O42 - Logiciel: WindowsMangerProtect20.0.0.722 - (.WindowsProtect LIMITED.) [HKLM][64Bits] -- WindowsMangerProtect =>PUP.Fuyu
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\BlockAndSurf] =>PUP.BlockAndSurf
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\Genesis] =>PUP.Genesis
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Wajam] =>PUP.Wajam
[HKCU\Software\globalUpdate] => PUP.GlobalUpdate
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\GlobalUpdate] => PUP.GlobalUpdate
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\MYBESTOFFERSTODAY] =>PUP.MyBestOffersToday
[HKLM\Software\Wow6432Node\TermTutor] =>PUP.TermTutor
[HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu
[HKLM\Software\Wow6432Node\sweet-pageSoftware] =>PUP.SweetPage
O43 - CFD: 28/09/2014 - 08:27:37 - [] ----D C:\Program Files (x86)\FLVM Player => PUP.FLVMPlayer
O43 - CFD: 12/09/2014 - 12:55:52 - [] ----D C:\Program Files (x86)\globalUpdate => PUP.GlobalUpdate
O43 - CFD: 28/09/2014 - 08:27:37 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 28/09/2014 - 08:27:37 - [] ----D C:\Program Files (x86)\Wajam =>PUP.Wajam
O43 - CFD: 28/09/2014 - 08:30:42 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
O43 - CFD: 28/09/2014 - 08:30:42 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 11/09/2014 - 16:26:09 - [] ----D C:\Users\SECURITEPRIVEE\AppData\Local\globalUpdate => PUP.GlobalUpdate
O43 - CFD: 28/09/2014 - 08:27:47 - [] ----D C:\Users\SECURITEPRIVEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLVM Player => PUP.FLVMPlayer
O43 - CFD: 28/09/2014 - 08:27:47 - [] ----D C:\Users\SECURITEPRIVEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup
O44 - LFC:[MD5.BA55853DCA0FA301BEA06E0BB8877318] - 21/09/2014 - 01:13:38 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{7afe3a9e-a637-49a8-9084-bf73405b41b6}Gw64.sys [44632] =>PUP.LinkiDoo
O45 - LFCP:[MD5.57C57C6309CBE3471FDE2190DB03CDD4] - 28/09/2014 - 07:33:18 ---A- - C:\Windows\Prefetch\BACKUPSTACK.EXE-43ED3B32.pf =>PUP.MyPCBackup
O45 - LFCP:[MD5.4EA83146033525E0DA65674CC4944A7A] - 27/09/2014 - 21:41:39 ---A- - C:\Windows\Prefetch\MYPC BACKUP.EXE-D2D9F9B9.pf =>PUP.MyPCBackup
O45 - LFCP:[MD5.D4EE2D33283DAAD4BCCE761248D3C5B9] - 21/09/2014 - 21:51:44 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-472F253E.pf =>PUP.SpeedUpMyPC
O45 - LFCP:[MD5.50398300238C5351CAA89DF2A459ED67] - 28/09/2014 - 06:52:06 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.EXE-7C35B7A1.pf =>PUP.SpeedUpMyPC
O45 - LFCP:[MD5.D32722B6A61AD4F931A14889E1882A8B] - 21/09/2014 - 21:50:06 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.TMP-AC38239C.pf =>PUP.SpeedUpMyPC
O50 - IFEO:Image File Execution Options - DatamngrCoordinator.exe - tasklist.exe =>PUP.Datamngr
O58 - SDL:10/09/2014 - 23:56:00 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64.sys [61112] =>PUP.LinkiDoo
O58 - SDL:21/09/2014 - 01:13:38 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{7afe3a9e-a637-49a8-9084-bf73405b41b6}Gw64.sys [44632] =>PUP.LinkiDoo
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com =>PUP.SweetPage
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SafeFinder_RASAPI32 =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SafeFinder_RASMANCS =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateYawtix_RASAPI32 =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateYawtix_RASMANCS =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilYawtix_RASAPI32 =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilYawtix_RASMANCS =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Yawtix_RASAPI32 =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Yawtix_RASMANCS =>PUP.Yawtix
SR - | Auto 10/09/2014 36936 | (BackupStack) . (.Just Develop It.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
SR - | Auto 11/09/2014 715656 | (IePluginServices) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
SR - | Auto 31/08/2014 303616 | (Wajam Internet Enhancer Service) . (.Wajam Internet Technologies Inc..) - C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe =>PUP.Wajam
SR - | Auto 11/09/2014 528896 | (WindowsMangerProtect) . (.Fuyu LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
[HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices] =>PUP.IePluginService^
[HKLM\SYSTEM\CurrentControlSet\Services\Wajam Internet Enhancer Service] =>PUP.Wajam^
[HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1] =>PUP.SpeedUpMyPC^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam] =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1] =>PUP.SpeedUpMyPC
[HKLM\Software\Classes\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent] =>Adware.IMBooster
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\Wajam =>PUP.Wajam^
C:\ProgramData\IePluginServices =>PUP.IePluginService^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\Users\SECURITEPRIVEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup^
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe =>PUP.SpeedUpMyPC^
C:\Windows\Tasks\SpeedUpMyPC Maintenance.job =>PUP.SpeedUpMyPC^
C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance =>PUP.SpeedUpMyPC^
C:\Windows\Tasks\SpeedUpMyPC Startup.job =>PUP.SpeedUpMyPC^
C:\Windows\System32\Tasks\SpeedUpMyPC Startup =>PUP.SpeedUpMyPC^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\AppDataLow\Software\BlockAndSurf] =>PUP.BlockAndSurf^
[HKCU\Software\Genesis] =>PUP.Genesis^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\Wajam] =>PUP.Wajam^
[HKLM\Software\Wow6432Node\MYBESTOFFERSTODAY] =>PUP.MyBestOffersToday^
[HKLM\Software\Wow6432Node\TermTutor] =>PUP.TermTutor^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Wow6432Node\sweet-pageSoftware] =>PUP.SweetPage^
O3 - Toolbar: (no name) - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}]
Lignes superflues ou inutiles :
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - HKLM\..\Wow6432Node\Run: [mbot_fr_80] Clé orpheline => Orphean Key not necessary
O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-31bf1b9f-fee9-46ac-92c7-7f156e9a9bb8 => Online Poker Games
[HKCU\Software\systweak] => Systweak Inc
[HKLM\Software\Wow6432Node\Systweak] => Systweak Inc
O43 - CFD: 12/09/2014 - 01:43:28 - [0] ----D C:\Program Files (x86)\predm
O43 - CFD: 11/09/2014 - 16:53:19 - [0] ----D C:\Users\SECURITEPRIVEE\AppData\Roaming\Systweak => Systweak Inc
O43 - CFD: 22/09/2014 - 06:36:56 - [0] ----D C:\Users\SECURITEPRIVEE\AppData\Local\PackageStaging => Empty Folder not necessary
O44 - LFC:[MD5.BF818AE9F4650337DE446EBC29290761] - 21/09/2014 - 20:41:37 ---A- . (...) -- C:\Windows\DirectX.log [562] => Fichiers de rapport (Log)
Lignes d'optimisation du démarrage :
OPT:O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
OPT:SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
EmptyClsid
Ifeofix
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash
Lignes indésirables :
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com =>PUP.SweetPage
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:53006;https=127.0.0.1:53006 =>Hijacker.Proxy
O2 - BHO: (no name) [64Bits] - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} Clé orpheline => Adware.IMBooster
O4 - GS\Desktop [Public]: SpeedUpMyPC.lnk . (.Uniblue Systems Limited - Uniblue SpeedUpMyPC.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe =>PUP.SpeedUpMyPC
O4 - GS\QuickLaunch [SECURITEPRIVEE]: SpeedUpMyPC.lnk . (.Uniblue Systems Limited - Uniblue SpeedUpMyPC.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe =>PUP.SpeedUpMyPC
O4 - GS\Desktop [SECURITEPRIVEE]: FLVM Player.lnk . (...) -- C:\Program Files (x86)\FLVM Player\FLVMPlayer.exe =>PUP.FLVMPlayer
O4 - GS\Desktop [SECURITEPRIVEE]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Desktop [SECURITEPRIVEE]: Sync Folder.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Startup [SECURITEPRIVEE]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
O23 - Service: Wajam Internet Enhancer Service (Wajam Internet Enhancer Service) . (.Wajam Internet Technologies Inc. - Wajam Internet Enhancer Service.) - C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe =>PUP.Wajam
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
[MD5.00000000000000000000000000000000] [APT] [ASP] (...) -- C:\Program Files (x86)\RCP\systweakasp.exe (.not file.) [0] => Infection PUP
[MD5.E412DE53DD9AC2EE3DE6EDF5474B9DCE] [APT] [LaunchApp] (.MyPCBackup.com.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [3143264] =>PUP.MyPCBackup
[MD5.0F7C23BF8F1A0D5E6E43586ADF66C610] [APT] [SpeedUpMyPC Maintenance] (.Uniblue Systems Limited.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [4140888] =>PUP.SpeedUpMyPC
[MD5.0F7C23BF8F1A0D5E6E43586ADF66C610] [APT] [SpeedUpMyPC Startup] (.Uniblue Systems Limited.) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [4140888] =>PUP.SpeedUpMyPC
O39 - APT: SpeedUpMyPC Maintenance - (.Uniblue Systems Limited.) -- C:\Windows\Tasks\SpeedUpMyPC Maintenance.job [308] =>PUP.SpeedUpMyPC
O39 - APT: SpeedUpMyPC Maintenance - (.Uniblue Systems Limited.) -- C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance [308] =>PUP.SpeedUpMyPC
O39 - APT: SpeedUpMyPC Startup - (.Uniblue Systems Limited.) -- C:\Windows\Tasks\SpeedUpMyPC Startup.job [302] =>PUP.SpeedUpMyPC
O39 - APT: SpeedUpMyPC Startup - (.Uniblue Systems Limited.) -- C:\Windows\System32\Tasks\SpeedUpMyPC Startup [302] =>PUP.SpeedUpMyPC
O41 - Driver: ({16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64.sys =>PUP.LinkiDoo
O41 - Driver: ({7afe3a9e-a637-49a8-9084-bf73405b41b6}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{7afe3a9e-a637-49a8-9084-bf73405b41b6}Gw64.sys =>PUP.LinkiDoo
O42 - Logiciel: MyPC Backup - (.JDi Backup Ltd.) [HKLM][64Bits] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: SpeedUpMyPC - (.Uniblue Systems Limited.) [HKLM][64Bits] -- {E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 =>PUP.SpeedUpMyPC
O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam =>PUP.Wajam
O42 - Logiciel: WindowsMangerProtect20.0.0.722 - (.WindowsProtect LIMITED.) [HKLM][64Bits] -- WindowsMangerProtect =>PUP.Fuyu
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\BlockAndSurf] =>PUP.BlockAndSurf
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\Genesis] =>PUP.Genesis
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Wajam] =>PUP.Wajam
[HKCU\Software\globalUpdate] => PUP.GlobalUpdate
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\GlobalUpdate] => PUP.GlobalUpdate
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\MYBESTOFFERSTODAY] =>PUP.MyBestOffersToday
[HKLM\Software\Wow6432Node\TermTutor] =>PUP.TermTutor
[HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu
[HKLM\Software\Wow6432Node\sweet-pageSoftware] =>PUP.SweetPage
O43 - CFD: 28/09/2014 - 08:27:37 - [] ----D C:\Program Files (x86)\FLVM Player => PUP.FLVMPlayer
O43 - CFD: 12/09/2014 - 12:55:52 - [] ----D C:\Program Files (x86)\globalUpdate => PUP.GlobalUpdate
O43 - CFD: 28/09/2014 - 08:27:37 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 28/09/2014 - 08:27:37 - [] ----D C:\Program Files (x86)\Wajam =>PUP.Wajam
O43 - CFD: 28/09/2014 - 08:30:42 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
O43 - CFD: 28/09/2014 - 08:30:42 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 11/09/2014 - 16:26:09 - [] ----D C:\Users\SECURITEPRIVEE\AppData\Local\globalUpdate => PUP.GlobalUpdate
O43 - CFD: 28/09/2014 - 08:27:47 - [] ----D C:\Users\SECURITEPRIVEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLVM Player => PUP.FLVMPlayer
O43 - CFD: 28/09/2014 - 08:27:47 - [] ----D C:\Users\SECURITEPRIVEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup
O44 - LFC:[MD5.BA55853DCA0FA301BEA06E0BB8877318] - 21/09/2014 - 01:13:38 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{7afe3a9e-a637-49a8-9084-bf73405b41b6}Gw64.sys [44632] =>PUP.LinkiDoo
O45 - LFCP:[MD5.57C57C6309CBE3471FDE2190DB03CDD4] - 28/09/2014 - 07:33:18 ---A- - C:\Windows\Prefetch\BACKUPSTACK.EXE-43ED3B32.pf =>PUP.MyPCBackup
O45 - LFCP:[MD5.4EA83146033525E0DA65674CC4944A7A] - 27/09/2014 - 21:41:39 ---A- - C:\Windows\Prefetch\MYPC BACKUP.EXE-D2D9F9B9.pf =>PUP.MyPCBackup
O45 - LFCP:[MD5.D4EE2D33283DAAD4BCCE761248D3C5B9] - 21/09/2014 - 21:51:44 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-472F253E.pf =>PUP.SpeedUpMyPC
O45 - LFCP:[MD5.50398300238C5351CAA89DF2A459ED67] - 28/09/2014 - 06:52:06 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.EXE-7C35B7A1.pf =>PUP.SpeedUpMyPC
O45 - LFCP:[MD5.D32722B6A61AD4F931A14889E1882A8B] - 21/09/2014 - 21:50:06 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.TMP-AC38239C.pf =>PUP.SpeedUpMyPC
O50 - IFEO:Image File Execution Options - DatamngrCoordinator.exe - tasklist.exe =>PUP.Datamngr
O58 - SDL:10/09/2014 - 23:56:00 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{16d667ee-6782-4b21-81df-8ded8ebc3868}Gw64.sys [61112] =>PUP.LinkiDoo
O58 - SDL:21/09/2014 - 01:13:38 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{7afe3a9e-a637-49a8-9084-bf73405b41b6}Gw64.sys [44632] =>PUP.LinkiDoo
O68 - StartMenuInternet:
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SafeFinder_RASAPI32 =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SafeFinder_RASMANCS =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateYawtix_RASAPI32 =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateYawtix_RASMANCS =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilYawtix_RASAPI32 =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilYawtix_RASMANCS =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Yawtix_RASAPI32 =>PUP.Yawtix
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Yawtix_RASMANCS =>PUP.Yawtix
SR - | Auto 10/09/2014 36936 | (BackupStack) . (.Just Develop It.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
SR - | Auto 11/09/2014 715656 | (IePluginServices) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
SR - | Auto 31/08/2014 303616 | (Wajam Internet Enhancer Service) . (.Wajam Internet Technologies Inc..) - C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe =>PUP.Wajam
SR - | Auto 11/09/2014 528896 | (WindowsMangerProtect) . (.Fuyu LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
[HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices] =>PUP.IePluginService^
[HKLM\SYSTEM\CurrentControlSet\Services\Wajam Internet Enhancer Service] =>PUP.Wajam^
[HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1] =>PUP.SpeedUpMyPC^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam] =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1] =>PUP.SpeedUpMyPC
[HKLM\Software\Classes\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent] =>Adware.IMBooster
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\Wajam =>PUP.Wajam^
C:\ProgramData\IePluginServices =>PUP.IePluginService^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\Users\SECURITEPRIVEE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup^
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe =>PUP.SpeedUpMyPC^
C:\Windows\Tasks\SpeedUpMyPC Maintenance.job =>PUP.SpeedUpMyPC^
C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance =>PUP.SpeedUpMyPC^
C:\Windows\Tasks\SpeedUpMyPC Startup.job =>PUP.SpeedUpMyPC^
C:\Windows\System32\Tasks\SpeedUpMyPC Startup =>PUP.SpeedUpMyPC^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\AppDataLow\Software\BlockAndSurf] =>PUP.BlockAndSurf^
[HKCU\Software\Genesis] =>PUP.Genesis^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\Wajam] =>PUP.Wajam^
[HKLM\Software\Wow6432Node\MYBESTOFFERSTODAY] =>PUP.MyBestOffersToday^
[HKLM\Software\Wow6432Node\TermTutor] =>PUP.TermTutor^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Wow6432Node\sweet-pageSoftware] =>PUP.SweetPage^
O3 - Toolbar: (no name) - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}]
Lignes superflues ou inutiles :
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - HKLM\..\Wow6432Node\Run: [mbot_fr_80] Clé orpheline => Orphean Key not necessary
O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WTA-31bf1b9f-fee9-46ac-92c7-7f156e9a9bb8 => Online Poker Games
[HKCU\Software\systweak] => Systweak Inc
[HKLM\Software\Wow6432Node\Systweak] => Systweak Inc
O43 - CFD: 12/09/2014 - 01:43:28 - [0] ----D C:\Program Files (x86)\predm
O43 - CFD: 11/09/2014 - 16:53:19 - [0] ----D C:\Users\SECURITEPRIVEE\AppData\Roaming\Systweak => Systweak Inc
O43 - CFD: 22/09/2014 - 06:36:56 - [0] ----D C:\Users\SECURITEPRIVEE\AppData\Local\PackageStaging => Empty Folder not necessary
O44 - LFC:[MD5.BF818AE9F4650337DE446EBC29290761] - 21/09/2014 - 20:41:37 ---A- . (...) -- C:\Windows\DirectX.log [562] => Fichiers de rapport (Log)
Lignes d'optimisation du démarrage :
OPT:O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
OPT:SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
EmptyClsid
Ifeofix
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash