cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix


Lignes indésirables :
O4 - HKCU\..\Run: [c8c25c9f2310298b572ff8e2f9906425] . (.rockstargames - GTA 5.) -- C:\Users\ECO-TEK\AppData\Local\Temp\seymr.exe => Infection Rogue (Trojan.FakeAlert)
O4 - HKLM\..\Wow6432Node\Run: [c8c25c9f2310298b572ff8e2f9906425] . (.rockstargames - GTA 5.) -- C:\Users\ECO-TEK\AppData\Local\Temp\seymr.exe => Infection Rogue (Trojan.FakeAlert)
O4 - HKUS\S-1-5-21-226421679-832858860-2654727482-1001\..\Run: [c8c25c9f2310298b572ff8e2f9906425] . (.rockstargames - GTA 5.) -- C:\Users\ECO-TEK\AppData\Local\Temp\seymr.exe => Infection Rogue (Trojan.FakeAlert)
O23 - Service: ExtTag service (ExtTag) . (...) - C:\ProgramData\ExtTag\ExtTag (.not file.) => PUP.Optional.ExtTag
HKCU\SOFTWARE\c8c25c9f2310298b572ff8e2f9906425 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\DC3_FEXEC =>Trojan.Fynloski
HKCU\SOFTWARE\Iminent Browser =>PUP.Optional.IMBooster
HKCU\SOFTWARE\Start Page => Adware.WidgiToolbar
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
O43 - CFD: 2015/07/29 09:12:03 - [] D -- C:\Program Files (x86)\Software =>PUP.Optional.Boxore
O43 - CFD: 2015/07/26 18:56:11 - [] D -- C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf => Infection Rogue (Possible)
O43 - CFD: 2015/07/25 18:06:56 - [] D -- C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 => Infection Rogue (Possible)
O43 - CFD: 2015/08/02 10:12:31 - [] D -- C:\ProgramData\ITHelper => Infection FakeAlert
O45 - LFCP:[MD5.55722A244F3335E30F234B8317F11C7F] 2015/07/26 18:39:26 A -- C:\Windows\Prefetch\ACENGINE.EXE-22A9DDE1.pf =>PUP.Optional.Abengine
O45 - LFCP:[MD5.13512366F3F74B1C80B6C5DEF3F5C586] 2015/07/25 19:40:32 A -- C:\Windows\Prefetch\ANYANGLE.PURBROWSE64.EXE-D4BE012F.pf =>PUP.Optional.AnyAngle
O45 - LFCP:[MD5.288D7CACEE3BE714F99E1691338B8D5F] 2015/07/26 18:55:48 A -- C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-0D838888.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.10D855D346AD5ABBB58A2E529374AC1E] 2015/07/26 18:54:23 A -- C:\Windows\Prefetch\BUBBLE DOCK.EXE-D3E06206.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.67556DE30F9E03E407D6AAF80AFE286F] 2015/07/26 19:32:11 A -- C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf =>PUP.Optional.CrossBrowse
O45 - LFCP:[MD5.D1827E0ACA6B6CAC36AFB0639DA91B59] 2015/07/29 09:12:54 A -- C:\Windows\Prefetch\DISKCLEANER.EXE-FC66BDF4.pf =>PUP.Optional.DiskCleaner
O45 - LFCP:[MD5.A3D121571CCAB6E571DE37382F707202] 2015/07/25 20:28:51 A -- C:\Windows\Prefetch\MOVIEDEA.EXE-E43C8CF7.pf =>PUP.Optional.MovieDea
O45 - LFCP:[MD5.21FC1330EAB58FED3FDE23E87AB02BF6] 2015/07/25 18:01:13 A -- C:\Windows\Prefetch\PRODUCTDEALS.PURBROWSE64.EXE-3401F14D.pf =>PUP.Optional.ProductDeals
O45 - LFCP:[MD5.84AB0310AAF67E1867C7B8A437F14AB9] 2015/07/26 19:13:16 A -- C:\Windows\Prefetch\REIMAGE.EXE-BEE43FC1.pf =>PUP.Optional.ReImageRepair
O45 - LFCP:[MD5.9983AAF651EEFA6E7E5D097BC367623C] 2015/07/26 19:12:40 A -- C:\Windows\Prefetch\REIMAGEPACKAGE.EXE-6BCE68B1.pf =>PUP.Optional.ReImageRepair
O45 - LFCP:[MD5.511AB15A5E521628685F6B29ADB27131] 2015/07/26 18:57:20 A -- C:\Windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-801B318B.pf =>PUP.Optional.Nosibay
O45 - LFCP:[MD5.FC5B6694286E6776DBD5392FD95FF341] 2015/07/26 19:07:58 A -- C:\Windows\Prefetch\UMBRELLA246.EXE-CFEA2DB7.pf =>PUP.Optional.IMBooster
O45 - LFCP:[MD5.ED8CCC487A79389923E246F4524B7E74] 2015/07/26 19:32:42 A -- C:\Windows\Prefetch\UPGMSD_FR_005010041.EXE-D6F638EE.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.BEC61B9FF9E284535B4745312DF71917] 2015/07/26 18:48:24 A -- C:\Windows\Prefetch\UPMBOT_FR_014010041.EXE-36C00D94.pf =>PUP.Optional.CrossRider
O69 - SBI: SearchScopes [HKCU] {ielnksrch} [DefaultScope] - (Search the web) - http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByKo5GOPu13rXwwrFEOI270fDYr4L1tMXHyZ4Z-jCP72-vmtIDcC4Hqy3WRO3TSRwjAyJ4coNIdcaI2AMuibdfUCn8pd1A8ItTZXwwmZqW-snv5JYJP2Wsg_934_aGuLpjEn5cIgRUMv2pLfskW3KAFqdOd8d&q={searchTerms} => Adware.IMBooster*
HKCU\SOFTWARE\DC3_FEXEC =>Trojan.Fynloski
HKCU\SOFTWARE\Iminent Browser =>PUP.Optional.IMBooster
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
C:\Program Files (x86)\Software =>PUP.Optional.Boxore
C:\Windows\Prefetch\ACENGINE.EXE-22A9DDE1.pf =>PUP.Optional.Abengine
C:\Windows\Prefetch\ANYANGLE.PURBROWSE64.EXE-D4BE012F.pf =>PUP.Optional.AnyAngle
C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-0D838888.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\BUBBLE DOCK.EXE-D3E06206.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf =>PUP.Optional.CrossBrowse
C:\Windows\Prefetch\DISKCLEANER.EXE-FC66BDF4.pf =>PUP.Optional.DiskCleaner
C:\Windows\Prefetch\MOVIEDEA.EXE-E43C8CF7.pf =>PUP.Optional.MovieDea
C:\Windows\Prefetch\PRODUCTDEALS.PURBROWSE64.EXE-3401F14D.pf =>PUP.Optional.ProductDeals
C:\Windows\Prefetch\REIMAGE.EXE-BEE43FC1.pf =>PUP.Optional.ReImageRepair
C:\Windows\Prefetch\REIMAGEPACKAGE.EXE-6BCE68B1.pf =>PUP.Optional.ReImageRepair
C:\Windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-801B318B.pf =>PUP.Optional.Nosibay
C:\Windows\Prefetch\UMBRELLA246.EXE-CFEA2DB7.pf =>PUP.Optional.IMBooster
C:\Windows\Prefetch\UPGMSD_FR_005010041.EXE-D6F638EE.pf =>PUP.Optional.CrossRider
C:\Windows\Prefetch\UPMBOT_FR_014010041.EXE-36C00D94.pf =>PUP.Optional.CrossRider
[[MD5.D86F421BD76716C7A2D785ECFE4B17ED] - (.Copyright © 2015 - Application.) -- C:\ProgramData\ITHelper\ITHelper.exe [36352] [PID.1448]
[MD5.6481383ED822712592243C7AB4AF3B17] - (...) -- C:\Users\TEMP\AppData\Local\Prparationdes\préparation.exe [33280] [PID.1600]
[MD5.CF54A77D3EFEA732BF24B329452A7824] - (...) -- C:\ProgramData\NT Kernel\NTKernel.exe [254280] [PID.2884]
[MD5.CF54A77D3EFEA732BF24B329452A7824] - (...) -- C:\ProgramData\NT Kernel\NTKernel.exe [254280] [PID.3632]
[MD5.E8B2DEA2DB8E970A9B594C3C9AF47609] - (.Copyright © 2014 - StproW.) -- C:\ProgramData\ITHelper\acps0tup.exe [145408] [PID.3432]
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByKo5GOPu13rXwwrFEOI270fDYr4L1tMXHyZ4Z-jCP72-vmtIDcC4Hqy3WRO3TSRwjAyJ4coNIdcaI2zLfrN3AG93C7B-6EYiXo1CujiAdHgU3dugn7mBPV4w7a1-ilLdLPwYM00s_x0lyT8TdS2nBZB74OIQ
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_byko5gopu13rxwwrfeoi270fdyr4l1tmxhyz4z-jcp72-vmtidcc4hqy3wro3tsrwjayj4conidcai2amuibdfucn8pd1a8ittzxwwmzqw-snv5jyjp2wsg_934_agulpjen5cigrumv2plfskw3kafqdod8d&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_byko5gopu13rxwwrfeoi270fdyr4l1tmxhyz4z-jcp72-vmtidcc4hqy3wro3tsrwjayj4conidcai2amuibdfucn8pd1a8ittzxwwmzqw-snv5jyjp2wsg_934_agulpjen5cigrumv2plfskw3kafqdod8d&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_byko5gopu13rxwwrfeoi270fdyr4l1tmxhyz4z-jcp72-vmtidcc4hqy3wro3tsrwjayj4conidcai2amuibdfucn8pd1a8ittzxwwmzqw-snv5jyjp2wsg_934_agulpjen5cigrumv2plfskw3kafqdod8d&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_byko5gopu13rxwwrfeoi270fdyr4l1tmxhyz4z-jcp72-vmtidcc4hqy3wro3tsrwjayj4conidcai2amuibdfucn8pd1a8ittzxwwmzqw-snv5jyjp2wsg_934_agulpjen5cigrumv2plfskw3kafqdod8d&q={searchterms}
O20 - AppInit_DLLs: . (.Copyright (C) 2015 - .) - C:\ProgramData\ITHelper\uathi3qf.dll
O23 - Service: Préparation des applications 1.0.25 (ITK37) . (...) - C:\Users\TEMP\AppData\Local\Prparationdes\préparation.exe
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cZ4BFk8HG9XH6DzfjubK.job [1036]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\DVIASFY1.job [344]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\FUJNBMD.job [1364]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\JACAABLUJKIFYUQU.job [362]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\MasterCleaner.job [392]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\NUWHMPMDYLTWTAIL.job [362]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\QHMAOXUR.job [1710]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\TTDIQIOJHBOTJMHD.job [362]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\DVIASFY1 [2858]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\FUJNBMD [4374]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\JACAABLUJKIFYUQU [3374]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\MasterCleaner [3282]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\NUWHMPMDYLTWTAIL [3374]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\QHMAOXUR [4720]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\sab3009 [3092]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\TTDIQIOJHBOTJMHD [3374]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Win Defrag [3276]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{968D1FFA-089C-4C9A-B421-3CFA4757C045} [3120]
HKCU\SOFTWARE\cZ4BFk8HG9XH6DzfjubK
HKCU\SOFTWARE\FUJNBMD
HKCU\SOFTWARE\n224w9hV
HKCU\SOFTWARE\QHMAOXUR
HKCU\SOFTWARE\AppDataLow\Software\iyamebmees
O43 - CFD: 2015/08/02 10:12:22 - [] D -- C:\ProgramData\ITHelpers
O43 - CFD: 2015/07/29 09:05:40 - [] SHD -- C:\ProgramData\NT Kernel
O43 - CFD: 2015/06/20 13:15:47 - [] D -- C:\Users\ECO-TEK\AppData\Local\Вoйти в Интeрнет
O43 - CFD: 2015/06/20 13:09:23 - [] D -- C:\Users\ECO-TEK\AppData\Local\Поиcк в Интeрнете

Lignes superflues ou inutiles :
[MD5.CF54A77D3EFEA732BF24B329452A7824] - (...) -- C:\Users\ECO-TEK\AppData\Local\Temp\peverify.exe [254280] [PID.3644] => Temporary file not necessary
[MD5.EDC7623710D53A8E15489BC3F4389C30] - (.rockstargames - GTA 5.) -- C:\Users\ECO-TEK\AppData\Local\Temp\seymr.exe [333824] [PID.4076] => Temporary file not necessary
[MD5.D6E2ED7F1F7BE7CCB8676491BF950B57] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\ECO-TEK\AppData\Local\Akamai\netsession_win.exe [4673432] [PID.3628]
[MD5.D6E2ED7F1F7BE7CCB8676491BF950B57] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\ECO-TEK\AppData\Local\Akamai\netsession_win.exe [4673432] [PID.3940]
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\ECO-TEK\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-226421679-832858860-2654727482-1001\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\ECO-TEK\AppData\Local\Akamai\netsession_win.exe
O23 - Service: ITHelper service (ITHelper) . (...) - C:\ProgramData\ITHelper\ITHelper (.not file.) => Fichier absent
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU][64Bits] -- Akamai => Akamai
HKCU\SOFTWARE\Akamai
O43 - CFD: 2014/11/26 02:46:41 - [0] SHD -- C:\ProgramData\Menu Démarrer => Empty Folder not necessary
O43 - CFD: 2014/11/26 02:46:41 - [0] SHD -- C:\ProgramData\Modèles => Empty Folder not necessary
O43 - CFD: 2015/05/30 00:12:00 - [] D -- C:\ProgramData\thriXXX => thriXXX Game
O43 - CFD: 2015/08/01 20:09:35 - [] D -- C:\Users\ECO-TEK\AppData\Local\Akamai
O58 - SDL:2015/03/30 15:28:52 AH . (.LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) -- C:\Windows\System32\drivers\Hamdrv.sys [44296] => Fichiers de rapport (Log)
O61 - LFC: 2015/08/01 20:09:16 A . (.Akamai Technologies, Inc..) -- C:\Users\ECO-TEK\AppData\Local\Akamai\netsession_installer.exe [10473944]
O87 - FAEL: "TCP Query User{CA812E71-109B-4957-8F40-006C46822D57}C:\users\eco-tek\appdata\local\akamai\netsession_win.exe" [In-None-P6-TRUE] .(.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\users\eco-tek\appdata\local\akamai\netsession_win.exe
O87 - FAEL: "UDP Query User{C99E87A3-E3E4-441C-82DC-20EBFAD7D833}C:\users\eco-tek\appdata\local\akamai\netsession_win.exe" [In-None-P17-TRUE] .(.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\users\eco-tek\appdata\local\akamai\netsession_win.exe


Lignes d'optimisation du démarrage :


EmptyClsid
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash


Publicité


Signaler le contenu de ce document

Publicité