cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
EmptyPrefetch
[MD5.02D55E3F5B153F99B3743A69B95BFA52] - (.DTools LIMITED - Windows DTools.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
[MD5.E9E2DC4B14F2A20046683E2B699BA79C] - (.XTab system - ProtectSvc.exe.) -- C:\Program Files (x86)\MiuiTab\ProtectService.exe
[MD5.0DE6521016CAE929552DD557979E196C] - (.SearchProtect - CmdShell.exe.) -- C:\Program Files (x86)\MiuiTab\CmdShell.exe
[MD5.1E212F7810738BD32E51134E4D88F4C9] - (...) -- C:\Users\Mathieu\AppData\Roaming\1EC882A0-1435903919-11DD-B01F-D850E63B6DCE\knsj1A00.tmp
[MD5.918C6F7D4C240FF4D9FBCB8937BD11C3] - (...) -- C:\Users\Mathieu\AppData\Roaming\1EC882A0-1435903919-11DD-B01F-D850E63B6DCE\hnsiE715.tmp
[MD5.2B639342639296899D5488CFFC6914B7] - (...) -- C:\Users\Mathieu\AppData\Roaming\1EC882A0-1435903919-11DD-B01F-D850E63B6DCE\jnsiCD2D.tmp
[MD5.84B5D5396472C76E2DC550F4401EA233] - (.XTab system - SupHPNot.exe.) -- C:\Program Files (x86)\MiuiTab\HPNotify.exe
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "http://search.babylon.com/?affID=110819&tt=060612_7_&babsrc=HP_ss&mntrId=9e171e130000000000006c626d3ee75c"
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "http://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtA0ByC0D0C0E0C0B0AyEtN0D0Tzu0SyByEtAtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=169365775&ir="
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "http://start.mysearchdial.com/?f=1&a=dsites05_14_15_ch&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtA0ByC0D0C0E0C0B0AyEtN0D0Tzu0SzztAtDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0EtAyCyDyEtA0BtGtAtD0ByEtG0E0B0EzytGtAtB0C0DtGtDyEtA0D0AzyzytCyBtByD0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0FtDtD0DtAyBtGyB0Azz0AtG0EyD0AtDtGyCyEtB0CtGtBzz0FyE0D0BtA0E0ByBzytD2Q&cr=1787291060&ir="
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "http://www.oursurfing.com/?type=hp&ts=1435903307&z=84564dd1ee3574af84c797bg8zac3w9t6e8c3cee3t&from=nsbfr&uid=ST1000DM003-1CH162_Z1D7K61TXXXXZ1D7K61T"
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "http://www.oursurfing.com/?type=hppp&ts=1435903344&z=12204e09fc022c68ed21fa3g1zac7w6t0e7cbc1z1m&from=nsbfr&uid=ST1000DM003-1CH162_Z1D7K61TXXXXZ1D7K61T"
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "http://www.mystartsearch.com/?type=hp&ts=1435906419&z=30e76103d1c85ab65b61b3bg7zfc5wdt9e0q0zboag&from=cmi&uid=ST1000DM003-1CH162_Z1D7K61TXXXXZ1D7K61T"
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.mysearchdial.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.mysearchdial.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/
O2 - BHO: On Stage [64Bits] - {9771c444-42b0-4e23-a7fb-ff707123ab30} (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010020] (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010021] (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010022] (Orphean)
O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files (x86)\MiuiTab\ProtectService.exe
O23 - Service: Broadcast Ampersand (jekivoge) . (...) - C:\Users\Mathieu\AppData\Roaming\1EC882A0-1435903919-11DD-B01F-D850E63B6DCE\knsj1A00.tmp
O23 - Service: Encyclopaedia Enter (vicoqudu) . (...) - C:\Users\Mathieu\AppData\Roaming\1EC882A0-1435903919-11DD-B01F-D850E63B6DCE\hnsiE715.tmp
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.DTools LIMITED - Windows DTools.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: Typewriter High Resolution (zejytose) . (...) - C:\Users\Mathieu\AppData\Roaming\1EC882A0-1435903919-11DD-B01F-D850E63B6DCE\jnsiCD2D.tmp
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\APSnotifierPP1.job
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\APSnotifierPP2.job
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\APSnotifierPP3.job
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Digital Sites.job
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\AutoKMS
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Digital Sites
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task
O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect
HKCU\SOFTWARE\AppDataLow\Software\Crossrider
C:\Program Files (x86)\AnyProtectEx
C:\Program Files (x86)\BrowseMark
C:\Program Files (x86)\Jump Flip
C:\Program Files (x86)\MiuiTab
C:\Program Files (x86)\predm
C:\ProgramData\Driver Support
C:\ProgramData\IHProtectUpDate
C:\ProgramData\Microsoft Toolkit
C:\ProgramData\WindowsMangerProtect
C:\Users\Mathieu\AppData\Roaming\AnyProtectEx
C:\Users\Mathieu\AppData\Roaming\DigitalSites
C:\Users\Mathieu\AppData\Roaming\Nosibay
C:\Users\Mathieu\AppData\Roaming\Store
C:\Users\Mathieu\AppData\Roaming\systweak
3C:\Users\Mathieu\AppData\Roaming\WTools
C:\Users\Mathieu\AppData\Local\Crossbrowse
C:\Users\Mathieu\AppData\Local\globalUpdate
C:\Users\Mathieu\AppData\Local\SmartWeb
C:\Users\Mathieu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://www.oursurfing.com/
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.oursurfing.com/
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://www.oursurfing.com/
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (oursurfing) - http://www.oursurfing.com/
O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} - (Mysearchdial) - http://www.oursurfing.com/
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.oursurfing.com/
SR - Auto [2015/07/03 08:02:26] [ 707240] WindowsMangerProtect Service (WindowsMangerProtect) . (.DTools LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
HKLM\SOFTWARE\Microsoft\Tracing\StormWatch_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\StormWatch_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SuperClickAutoUpdateClient_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SuperClickAutoUpdateClient_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBrowseMark_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBrowseMark_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateJumpFlip_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateJumpFlip_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBrowseMark_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBrowseMark_RASMANCS
EmptyCLSID
Emptytemp

Publicité


Signaler le contenu de ce document

Publicité