cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix


Lignes indésirables :
[MD5.00000000000000000000000000000000] [APT] [PC Performer] (...) -- C:\Program Files (x86)\PC Performer\PCPerformer.exe (.not file.) [0] =>PUP.PCPerformer
[MD5.00000000000000000000000000000000] [APT] [{166E62E7-67B9-4793-8709-A387E07C928A}] (...) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.4.9\GUninstaller.exe (.not file.) [0] =>PUP.Babylon
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\FileScout] =>PUP.FileScout
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\iWin] => Adware.iWinArcade
O43 - CFD: 22/04/2014 - 13:38:56 - [] ----D C:\Program Files (x86)\File Scout =>PUP.FileScout
O43 - CFD: 06/12/2012 - 21:11:13 - [] ----D C:\Program Files (x86)\Yontoo =>Adware.Yontoo
O43 - CFD: 06/12/2012 - 21:10:57 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 24/10/2013 - 15:59:52 - [] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 07/12/2012 - 12:18:03 - [] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 19/12/2012 - 18:39:10 - [] ----D C:\Users\Rodriguez\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 19/12/2012 - 18:39:10 - [] ----D C:\Users\Rodriguez\AppData\Roaming\iWin => Adware.iWinArcade
O43 - CFD: 19/12/2012 - 18:39:12 - [0] ----D C:\Users\Rodriguez\AppData\Roaming\PerformerSoft =>PUP.PerformerSoft
O43 - CFD: 29/01/2013 - 13:19:11 - [] ----D C:\Users\Rodriguez\AppData\Local\Software => Infection PUP (Adware.Boxore)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividMediaBar_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividMediaBar_RASMANCS =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASMANCS =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32 =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCPerformer_RASAPI32 =>PUP.PerformerSoft
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCPerformer_RASMANCS =>PUP.PerformerSoft
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VideoPerformerSetup_RASAPI32 =>PUP.VideoPerformer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VideoPerformerSetup_RASMANCS =>PUP.VideoPerformer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-1564_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-1564_RASMANCS =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>PUP.Babylon
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>PUP.Babylon
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}] =>PUP.Datamngr
[HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\iwin] =>Adware.iWinArcade
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}] =>PUP.Babylon
C:\Program Files (x86)\File Scout =>PUP.FileScout^
C:\Program Files (x86)\Yontoo =>Adware.Yontoo^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\ProgramData\Tarma Installer =>PUP.Tarma^
C:\Users\Rodriguez\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\Rodriguez\AppData\Roaming\PerformerSoft =>PUP.PerformerSoft^
C:\Users\Rodriguez\AppData\Roaming\iWin =>Adware.iWinArcade
C:\Users\Rodriguez\AppData\Local\Software =>Adware.Boxore
C:\Users\Rodriguez\AppData\LocalLow\BabylonToolbar =>PUP.Babylon
[HKCU\Software\FileScout] =>PUP.FileScout^
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^
[MD5.E8B7FD67DA14A7BE57A5CB80E3139E60] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [309704] [PID.5076]
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Ask Toolbar BHO [64Bits] - {D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
[MD5.B0EC253506BEE5CC1B004CD0E7A698E9] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe [135368]
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM][64Bits] -- {4F524A2D-5637-4300-76A7-A758B70C1D00}
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
O42 - Logiciel: Ask Toolbar Updater - (.Ask.com.) [HKCU][64Bits] -- {79A765E1-C399-405B-85AF-466F52E918B0}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
[HKCU\Software\APN]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\AskPartnerNetwork]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\AskPartnerNetwork]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Wow6432Node\Conduit]
O43 - CFD: 18/06/2012 - 22:24:27 - [] ----D C:\Program Files (x86)\Ask.com
O43 - CFD: 07/06/2015 - 08:28:17 - [0] ----D C:\Program Files (x86)\AskPartnerNetwork
O43 - CFD: 18/05/2014 - 15:20:33 - [] ----D C:\ProgramData\APN
O43 - CFD: 15/04/2012 - 14:03:03 - [] ----D C:\ProgramData\Ask
O43 - CFD: 18/05/2014 - 15:20:41 - [] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 07/06/2015 - 08:27:20 - [0] ----D C:\Users\Rodriguez\AppData\Local\AskPartnerNetwork
O69 - SBI: SearchScopes [HKCU] {9E38E2A5-51F5-466E-8321-A1A4A7C61C88} - (Ask Search) - http://www.search.ask.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {72CFCD89-9C98-40CD-A078-8FF05588DF69} - (Ask Search) - http://www.search.ask.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {72CFCD89-9C98-40CD-A078-8FF05588DF69} - (Ask Search) - http://www.search.ask.com
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe
O90 - PUC: "D2A425F473650034677A7A857BC0D100" . (.Ask Toolbar.) -- C:\Windows\Installer\{4F524A2D-5637-4300-76A7-A758B70C1D00}\ToolbarIcon.exe
[MD5.D7480DE6DB5C60BA85D9F2222BE10F41] [WIS][04/06/2015] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\302097a.msi [528384]
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-4300-76A7-A758B70C1D00}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}]
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}]
[HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}]
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}]
[HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}]
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}]
[HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}]
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}]
[HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL]
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd]
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF]
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF]
[HKLM\Software\Wow6432Node\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF]
[HKLM\Software\Wow6432Node\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]
[HKCU\Software\APN]
[HKLM\Software\Wow6432Node\APN]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32]
[HKCU\Software\AskPartnerNetwork]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\Wow6432Node\AskPartnerNetwork]
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440}
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440}
C:\Program Files (x86)\AskPartnerNetwork
C:\ProgramData\AskPartnerNetwork
C:\Users\Rodriguez\AppData\Local\AskPartnerNetwork
C:\Program Files (x86)\Ask.com
C:\Users\Rodriguez\AppData\LocalLow\AskToolbar
C:\Program Files (x86)\Ask.com\UpdateTask.exe
[HKLM\Software\Wow6432Node\Conduit]
C:\Windows\Installer\302097a.msi

Lignes superflues ou inutiles :
[MD5.1CA034E7FEB38FB4F3484AEC092C403F] - (.Ask - Ask Updater.) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1564872] [PID.4032]
[MD5.00000000000000000000000000000000] [APT] [4802] (...) -- C:\Users\Rodriguez\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{24A228B2-C8F0-4CB3-9598-72E1616976BA}] (...) -- C:\Program Files (x86)\FantastiGames\Uninstall.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{CAEEACEE-C38E-469F-B9D9-2843B225BF6E}] (...) -- C:\Remote Programs\Heartwild Solitaire - Book Two\GPlrLanc.exe (.not file.) [0] => Fichier absent
O43 - CFD: 19/12/2012 - 18:38:50 - [0] ----D C:\Users\Rodriguez\AppData\Local\PackageAware => InstallAware Software Corp.

Lignes d'optimisation du démarrage :
OPT:O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
[MD5.00000000000000000000000000000000] [APT] [Adobe Reader Speed Launcher] (...) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (.not file.) [0]
[HKLM\Software\BrowserChoice]


EmptyClsid
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash


Publicité


Signaler le contenu de ce document

Publicité