cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix


Lignes indésirables :
[MD5.DFA6F866B7B817D7D7B41FAFC27F3E34] - (.Pas de propriétaire - AnySend User interface.) -- C:\Program Files (x86)\AnySend\AnySendUI.exe [7081984] [PID.3688] =>PUP.ASPackage
M3 - MFPP: Plugins - [bernard] -- C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\klpzzfhb.default\searchplugins\search-provided-by-yahoo.xml =>PUP.Optional
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yhs4.search.yahoo.comCtCyB0D0C0D0EtAtB0A2QtN0A0LzuyE%26cr%3D964417958%26a%3Dwny_clu_15_18%26os%3DWindows 8.1 => Hijacker.Browser
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://myhome.vi-view.com =>Hijacker.MyhomeViview
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://myhome.vi-view.com =>Hijacker.MyhomeViview
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://myhome.vi-view.com =>Hijacker.MyhomeViview
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://myhome.vi-view.com =>Hijacker.MyhomeViview
O4 - GS\SendTo [bernard]: AnySend.lnk . (...) -- C:\Program Files (x86)\AnySend\AnySendUI.exe =>PUP.ASPackage
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_490] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [AnySend User Interface] . (.Pas de propriétaire - AnySend User interface.) -- C:\Program Files (x86)\AnySend\AnySendUI.exe =>PUP.ASPackage
O23 - Service: AnySend (AnySendService) . (.Pas de propriétaire - AnySend Sender Service.) - C:\Program Files (x86)\AnySend\AnySendSVC.exe =>PUP.ASPackage
O23 - Service: LiveUpdateWPP Manager (LiveUpdateWPP Manager) . (.LiveWPPUpdate - Maintaining Web Protector Plus synchronized.) - C:\Program Files (x86)\LiveUpdateWPP\LiveUpdateWPP.exe =>PUP.BProtector
O42 - Logiciel: vi-view uninstall - (.vi-view.) [HKLM][64Bits] -- vi-view uninstall =>Hijacker.MyhomeViview
[HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE
[HKCU\Software\Appscion] =>PUP.LiveSoftAction
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\WajIEnhance] =>PUP.Wajam
[HKLM\Software\WebBar] =>PUP.WebBar
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\IHProtect] =>Adware.AgentODR
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
[HKLM\Software\Wow6432Node\WebProtector] =>PUP.WebProtect
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\vi-viewSoftware] =>Hijacker.MyhomeViview
O43 - CFD: 05/05/2015 - 16:02:39 - [] ----D C:\Program Files (x86)\AnySend =>PUP.ASPackage
O43 - CFD: 05/05/2015 - 12:10:03 - [] ----D C:\Program Files (x86)\Software => Adware.Boxore
O43 - CFD: 26/01/2015 - 10:32:14 - [] ----D C:\Program Files (x86)\XTab => Adware.Agent.ODR
O43 - CFD: 10/05/2015 - 10:17:51 - [] ----D C:\ProgramData\AnySend =>PUP.ASPackage
O43 - CFD: 05/05/2015 - 10:05:53 - [] ----D C:\ProgramData\FlashBeat =>PUP.FlashBeat
O43 - CFD: 26/01/2015 - 10:32:10 - [] ----D C:\ProgramData\IHProtectUpDate =>Adware.AgentODR
O43 - CFD: 05/05/2015 - 10:10:51 - [] ----D C:\ProgramData\NetEngine =>PUP.NetEngine
O43 - CFD: 26/01/2015 - 10:31:58 - [0] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 06/05/2015 - 16:08:54 - [] ----D C:\Users\bernard\AppData\Roaming\AnySend =>PUP.ASPackage
O43 - CFD: 26/01/2015 - 10:30:43 - [] ----D C:\Users\bernard\AppData\Roaming\vi-view =>Hijacker.MyhomeViview
O43 - CFD: 05/05/2015 - 10:05:44 - [] ----D C:\Users\bernard\AppData\Local\Boxore =>Adware.Boxore
O43 - CFD: 05/05/2015 - 10:05:31 - [] ----D C:\Users\bernard\AppData\Local\Software => Infection PUP (Adware.Boxore)
O43 - CFD: 05/05/2015 - 10:05:37 - [] ----D C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware
O45 - LFCP:[MD5.EB1C21D5A48A84005C4208DBBE283A24] - 10/05/2015 - 10:12:46 ---A- - C:\Windows\Prefetch\ANYSENDUI.EXE-0C7DD405.pf =>PUP.ASPackage
O45 - LFCP:[MD5.85415D350FEB2B18C1D1B3BB08518DA6] - 05/05/2015 - 10:05:44 ---A- - C:\Windows\Prefetch\GAMESDESKTOP3-FRINSTALLER.TMP-D74A75C6.pf =>Adware.GamesDesktop
O45 - LFCP:[MD5.0F8FA75F99A1496EEF846168C418915F] - 05/05/2015 - 09:59:22 ---A- - C:\Windows\Prefetch\OF_239_FR-I3-SEARCHPROTECT2.E-339B28FF.pf =>PUP.SearchProtect
O45 - LFCP:[MD5.19DA24C2C5293C73859389F1C2906013] - 05/05/2015 - 10:05:32 ---A- - C:\Windows\Prefetch\VUUPCINSTALLER.EXE-9BC3005A.pf =>PUP.VuuPC
O45 - LFCP:[MD5.FBF51885B811D83AE011E28DEA0A28BE] - 26/01/2015 - 10:31:28 ---A- - C:\Windows\Prefetch\WPM_V20.0.0.1714.EXE-F6F5F895.pf =>PUP.WpManager
O61 - LFC: 05/05/2015 - 10:19:27 ---A- . (.AnySend.com.) -- C:\Users\bernard\AppData\Local\Microsoft\Windows\INetCache\IE\Q2AAK5DO\AnySendSetup[1].exe [15777359] =>PUP.ASPackage
O61 - LFC: 05/05/2015 - 10:19:27 ---A- . (.AnySend.com.) -- C:\Users\bernard\AppData\Local\Microsoft\Windows\INetCache\IE\Q4FAE9D8\AnySendnsig[1].exe [333506] =>PUP.ASPackage
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (.AnySend.com.) -- C:\Users\bernard\AppData\Local\Temp\AnySendSetup_full.exe [15777359] =>PUP.ASPackage
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://myhome.vi-view.com =>Hijacker.MyhomeViview
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://myhome.vi-view.com =>Hijacker.MyhomeViview
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (vi-view) - http://myhome.vi-view.com =>Hijacker.MyhomeViview
O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} [DefaultScope] - (Search Provided by Yahoo) - http://fr.yhs4.search.yahoo.comtC0CtCyB0D0C0D0EtAtB0A2QtN0A0LzuyE%26cr%3D964417958%26a%3Dwny_clu_15_18%26os%3DWindows 8.1&p={searchTerms} => Hijacker.Browser
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://myhome.vi-view.com =>Hijacker.MyhomeViview
O87 - FAEL: "{CF04B415-F1CA-4C96-BCEF-629019A75190}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - AnySend Sender Service.) -- C:\Program Files (x86)\AnySend\AnySendSVC.exe =>PUP.ASPackage
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\netengine_RASAPI32 =>PUP.NetEngine
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\netengine_RASMANCS =>PUP.NetEngine
SS - | Disabled 22/07/1658 158896 | (IHProtect Service) . (...) - C:\Program Files (x86)\XTab\ProtectService.exe =>Adware.AgentODR
SR - | Auto 20/04/2015 3710464 | (AnySendService) . (...) - C:\Program Files (x86)\AnySend\AnySendSVC.exe =>PUP.ASPackage
SR - | Auto 29/04/2015 453632 | (LiveUpdateWPP Manager) . (.LiveWPPUpdate.) - C:\Program Files (x86)\LiveUpdateWPP\LiveUpdateWPP.exe =>PUP.BProtector
[HKLM\SYSTEM\CurrentControlSet\Services\AnySendService] =>PUP.ASPackage^
[HKLM\SYSTEM\CurrentControlSet\Services\LiveUpdateWPP Manager] =>PUP.BProtector^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\vi-view uninstall] =>Hijacker.MyhomeViview^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Wow6432Node\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}] =>PUP.GetNow
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\Softonic] =>PUP.Conduit
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:gmsd_fr_490 =>PUP.CrossRider^
C:\Program Files (x86)\AnySend =>PUP.ASPackage^
C:\ProgramData\AnySend =>PUP.ASPackage^
C:\ProgramData\FlashBeat =>PUP.FlashBeat^
C:\ProgramData\IHProtectUpDate =>Adware.AgentODR^
C:\ProgramData\NetEngine =>PUP.NetEngine^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\Users\bernard\AppData\Roaming\AnySend =>PUP.ASPackage^
C:\Users\bernard\AppData\Roaming\vi-view =>Hijacker.MyhomeViview^
C:\Users\bernard\AppData\Local\Boxore =>Adware.Boxore^
C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\bernard\AppData\Local\Software =>Adware.Boxore
C:\Program Files (x86)\AnySend\AnySendUI.exe =>PUP.ASPackage^
[HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE^
[HKCU\Software\Appscion] =>PUP.LiveSoftAction^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\WajIEnhance] =>PUP.Wajam^
[HKLM\Software\WebBar] =>PUP.WebBar^
[HKLM\Software\Wow6432Node\IHProtect] =>Adware.AgentODR^
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\WebProtector] =>PUP.WebProtect^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\vi-viewSoftware] =>Hijacker.MyhomeViview^
[HKCU\Software\Softonic]
O45 - LFCP:[MD5.6FDDC37EC431CB24E135D854AD622D9E] - 25/01/2015 - 11:25:14 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_PERFE-2E452304.pf

Lignes superflues ou inutiles :
O2 - BHO: (no name) [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Clé orpheline => Orphean Key not necessary
O44 - LFC:[MD5.31809D68CA4891A59B813C349D5ED778] - 05/05/2015 - 15:37:43 ----- . (...) -- C:\Windows\DtcInstall.log [324] => Fichiers de rapport (Log)
O61 - LFC: 05/05/2015 - 10:19:36 ----- . (...) -- C:\Users\bernard\AppData\Local\Temp\is1798247386\1326000_stp\product.exe [57142] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ----- . (...) -- C:\Users\bernard\AppData\Local\Temp\is45637729\6617729_stp\product.exe [70692] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ----- . (...) -- C:\Users\bernard\AppData\Local\Temp\is82122515\1901507_stp\product.exe [56339] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\Uninstall.exe [61980] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsv7A3F.tmp\inetc.dll [20992] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsyB7E4.tmp\FindProcDLL.dll [31744] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsyB7E4.tmp\nsExec.dll [6656] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsz7E44.tmp\AccessControl.dll [8704] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsz7E44.tmp\IpConfig.dll [117248] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsz7E44.tmp\ProcessKiller.dll [42496] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsz7E44.tmp\SimpleFC.dll [179712] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsz7E44.tmp\SimpleSC.dll [60416] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsz7E44.tmp\System.dll [11264] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsz7E44.tmp\UserInfo.dll [4096] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:36 ---A- . (...) -- C:\Users\bernard\AppData\Local\Temp\nsz7E44.tmp\inetc.dll [20992] => Temporary file not necessary
O61 - LFC: 05/05/2015 - 10:19:37 ---A- . (...) -- C:\Users\bernard\Downloads\spybot.exe [126296] => Safer Networking Ltd - Spybot S&D
O61 - LFC: 06/05/2015 - 10:19:37 ---A- . (.Safer-Networking Ltd..) -- C:\Users\bernard\Downloads\spybot-2.4.exe [46525608] => Spybot-S&D Cleaning

Lignes d'optimisation du démarrage :


EmptyClsid
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash


Publicité


Signaler le contenu de ce document

Publicité