
Script ZHPFix


Unwanted lines:
[MD5.31F7A33B163DEE55E1698DF3870196B5] - (.Smartbar - Smartbar.) -- C:\Users\jessyca\AppData\Local\Smartbar\Application\SnapDo.exe [28192] [PID.21140] =>Hijacker.SmartBar
[MD5.A3E695D86942357DAFD6843E3378942B] - (.Pas de propriétaire - Lrcnta.) -- C:\Users\jessyca\AppData\Local\Smartbar\Application\Lrcnta.exe [23584] [PID.20052] =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.snapdo.com =>Hijacker.SmartBar
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
O2 - BHO: 255ab810f328013182ce5118752c52d60061762 [64Bits] - {11111111-1111-1111-1111-110611171162} . (.H-Quality-1.6V03.10 - H-Quality-1.6V03.10 BHO.) -- C:\Program Files (x86)\H-Quality-1.6V03.10\H-Quality-1.6V03.10-bho.dll => Infection PUP (PUP.CrossRider)
O2 - BHO: Snap.DoEngine [64Bits] - {31ad400d-1b06-4e33-a59a-90c2c140cba0} . (...) -- mscoree.dll (.not file.) =>Hijacker.SmartBar
O2 - BHO: AdvanceElite [64Bits] - {3b2cb4c8-72ab-4b25-8fa1-219b36a60bed} . (.AdvanceElite - AdvanceElite.) -- C:\Program Files (x86)\AdvanceElite\AdvanceEliteBHO.dll =>PUP.AdvanceElite
O4 - GS\TaskBar [jessyca]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://feed.snapdo.com =>Hijacker.SmartBar
O4 - GS\Program [jessyca]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://feed.snapdo.com =>Hijacker.SmartBar
O4 - HKCU\..\RunOnce: [WSE_Astromenda] Clé orpheline =>PUP.Astromenda
O4 - HKUS\S-1-5-21-1834600980-504319109-4202431235-1002\..\RunOnce: [WSE_Astromenda] Clé orpheline =>PUP.Astromenda
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe => PUP.GlobalUpdate
O23 - Service: VO Service component (servervo) . (...) - C:\Users\jessyca\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
O23 - Service: Update AdvanceElite (Update AdvanceElite) . (...) - C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe =>PUP.AdvanceElite
O23 - Service: Util AdvanceElite (Util AdvanceElite) . (...) - C:\Program Files (x86)\AdvanceElite\bin\utilAdvanceElite.exe =>PUP.AdvanceElite
[MD5.00000000000000000000000000000000] [APT] [FF Watcher {8889C683-8AAC-4622-AFB4-86AD3B06EE67}] (...) -- C:\Program Files\V-bates\PrefHelper.exe (.not file.) [0] =>Adware.Incredibar
[MD5.00000000000000000000000000000000] [APT] [LaunchApp] (...) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (.not file.) [0] =>PUP.MyPCBackup
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-1 - (.H-Quality-1.6V03.10.) -- C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-1.job [3142] =>PUP.CrossRider
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-1 - (.H-Quality-1.6V03.10.) -- C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-1 [3142] =>PUP.CrossRider
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-2 - (.H-Quality-1.6V03.10.) -- C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-2.job [2126] =>PUP.CrossRider
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-2 - (.H-Quality-1.6V03.10.) -- C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-2 [2126] =>PUP.CrossRider
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-3 - (.H-Quality-1.6V03.10.) -- C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-3.job [4174] =>PUP.CrossRider
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-3 - (.H-Quality-1.6V03.10.) -- C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-3 [4174] =>PUP.CrossRider
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-4 - (.H-Quality-1.6V03.10.) -- C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-4.job [4510] =>PUP.CrossRider
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-4 - (.H-Quality-1.6V03.10.) -- C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-4 [4510] =>PUP.CrossRider
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-5 - (.H-Quality-1.6V03.10.) -- C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-5.job [2462] =>PUP.CrossRider
O39 - APT: cd548da6-501d-423e-9414-e12eb6a5c7fc-5 - (.H-Quality-1.6V03.10.) -- C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-5 [2462] =>PUP.CrossRider
O41 - Driver: ({bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys =>PUP.LinkiDoo
O42 - Logiciel: AdvanceElite - (.AdvanceElite.) [HKLM][64Bits] -- AdvanceElite =>PUP.AdvanceElite
O42 - Logiciel: Interenet Optimizer - (.BullPoint.) [HKLM][64Bits] -- {5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643} => Trojan.SProtector
O42 - Logiciel: LPT System Updater Service - (.LPT.) [HKLM][64Bits] -- {BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24} =>Adware.IncrediBar
[HKCU\Software\AdvanceElite] =>PUP.AdvanceElite
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\AdvanceElite] =>PUP.AdvanceElite
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>Adware.VidSaver
O43 - CFD: 2014-10-17 - 17:34:47 - [] ----D C:\Program Files (x86)\AdvanceElite =>PUP.AdvanceElite
O43 - CFD: 2014-10-03 - 14:18:26 - [] ----D C:\Program Files (x86)\LPT =>Adware.Incredibar
O43 - CFD: 2014-10-27 - 20:03:36 - [] ----D C:\Program Files (x86)\Wajam =>PUP.Wajam
O43 - CFD: 2014-10-03 - 14:07:27 - [] ----D C:\Users\jessyca\AppData\Roaming\VOPackage =>Adware.Downware
O43 - CFD: 2014-10-03 - 14:14:26 - [] ----D C:\Users\jessyca\AppData\Local\LPT =>Adware.Incredibar
O43 - CFD: 2014-10-03 - 14:12:22 - [] ----D C:\Users\jessyca\AppData\Local\Smartbar =>Hijacker.SmartBar
O43 - CFD: 2014-10-03 - 14:02:35 - [] ----D C:\Users\jessyca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware
O58 - SDL:2014-10-06 - 08:55:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys [48784] =>PUP.LinkiDoo
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {C301ADC6-90BC-4E12-BB30-6E35D6047322} - (Astromenda) - http://astromenda.com =>PUP.Astromenda
[MD5.272DFDA89CF31C106A78C29521B03A77] [WIS][2014-10-03] (.ReSoft Ltd. - Snap.Do.) -- C:\Windows\Installer\95d3476.msi [10915840] =>Hijacker.SmartBar
[MD5.11991BAE9E7951F88A73524B3D2619CA] [WIS][2014-09-21] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\95d347b.msi [2142208] =>Adware.IncrediBar
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32 =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateAdvanceElite_RASAPI32 =>PUP.AdvanceElite
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateAdvanceElite_RASMANCS =>PUP.AdvanceElite
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilAdvanceElite_RASAPI32 =>PUP.AdvanceElite
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilAdvanceElite_RASMANCS =>PUP.AdvanceElite
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Wajam
[HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] (Snap.DoEngine) =>Hijacker.SmartBar
[HKCR\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}] (Snap.Do) =>Hijacker.SmartBar
SS - | Auto 2014-10-03 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe => PUP.GlobalUpdate
SS - | Demand 2014-10-03 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe => PUP.GlobalUpdate
SS - | Disabled 2014-09-21 32800 | (LPTSystemUpdater) . (...) - C:\Program Files (x86)\LPT\srpts.exe =>Adware.Incredibar
SS - | Auto 2014-10-03 70656 | (servervo) . (...) - C:\Users\jessyca\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
SR - | Auto 2014-10-27 524016 | (Update AdvanceElite) . (...) - C:\Program Files (x86)\AdvanceElite\updateAdvanceElite.exe =>PUP.AdvanceElite
SR - | Auto 2014-10-27 524016 | (Util AdvanceElite) . (...) - C:\Program Files (x86)\AdvanceElite\bin\utilAdvanceElite.exe =>PUP.AdvanceElite
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B2CB4C8-72AB-4B25-8FA1-219B36A60BED}] =>PUP.AdvanceElite^
[HKLM\SYSTEM\CurrentControlSet\Services\servervo] =>Adware.Downware^
[HKLM\SYSTEM\CurrentControlSet\Services\Update AdvanceElite] =>PUP.AdvanceElite^
[HKLM\SYSTEM\CurrentControlSet\Services\Util AdvanceElite] =>PUP.AdvanceElite^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AdvanceElite] =>PUP.AdvanceElite^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}] =>Adware.IncrediBar^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611171162}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622172262}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611171162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622172262}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171162}] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:WSE_Astromenda =>PUP.Astromenda^
C:\Program Files (x86)\AdvanceElite =>PUP.AdvanceElite^
C:\Program Files (x86)\LPT =>Adware.Incredibar^
C:\Program Files (x86)\Wajam =>PUP.Wajam^
C:\Users\jessyca\AppData\Roaming\VOPackage =>Adware.Downware^
C:\Users\jessyca\AppData\Local\LPT =>Adware.Incredibar^
C:\Users\jessyca\AppData\Local\Smartbar =>Hijacker.SmartBar^
C:\Users\jessyca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware^
C:\Users\jessyca\AppData\LocalLow\Smartbar =>Hijacker.SmartBar
C:\Users\jessyca\AppData\Local\Temp\Smartbar =>Hijacker.SmartBar
C:\Users\jessyca\AppData\Local\Smartbar\Application\SnapDo.exe =>Hijacker.SmartBar^
C:\Users\jessyca\AppData\Local\Smartbar\Application\Lrcnta.exe =>Hijacker.SmartBar^
C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-1 =>PUP.CrossRider^
C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-2 =>PUP.CrossRider^
C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-3 =>PUP.CrossRider^
C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-4 =>PUP.CrossRider^
C:\Windows\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cd548da6-501d-423e-9414-e12eb6a5c7fc-5 =>PUP.CrossRider^
[HKCU\Software\AdvanceElite] =>PUP.AdvanceElite^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKLM\Software\Wow6432Node\AdvanceElite] =>PUP.AdvanceElite^
C:\Windows\Installer\95d3476.msi =>Hijacker.SmartBar^
C:\Windows\Installer\95d347b.msi =>Adware.IncrediBar^
[HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] (Snap.DoEngine) =>Hijacker.SmartBar^
[HKCR\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}] (Snap.Do) =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}]
[HKLM\Software\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}]
C:\Program Files (x86)\SearchProtect
C:\Users\jessyca\AppData\Local\SearchProtect
C:\Users\jessyca\AppData\Local\Temp\sp-downloader.exe

Superfluous or unnecessary lines:
O20 - AppInit_DLLs: . (...) - C:\PROGRA~3\INTERE~1\INTERE~2.dll (.not file.) => Fichier absent
O43 - CFD: 2014-10-27 - 20:11:40 - [0] ----D C:\ProgramData\374311380 => Empty Folder not necessary

Startup optimization lines:
OPT:O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
OPT:SR - | Auto 2011-08-30 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

EmptyClsid
Ifeofix
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash

