cjoint


Document format: text/plain

Preview

[code]
Script ZHPFix
ShortcutFix
ProxyFix
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://fin.flashinfonaut.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://swim.flashinfonaut.com/
P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=3] - (.The Software Group.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll
P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=9] - (.The Software Group.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/
O2 - BHO: youtubeadblocker - {44EBCB34-CC0C-4E08-9D4A-5CBE1077107A} . (...) -- C:\Program Files\youtubeadblocker\mpbnV66hLvPJGX.dll (.not file.)
O2 - BHO: PricEeLeSs - {60AA9D8A-D70F-4750-B235-A4EF130B432D} . (...) -- C:\Program Files\PricEeLeSs\wZolBdHOikmLC9.dll (.not file.)
O4 - HKCU\..\Run: [DesktopSearch] C:\ProgramData\DesktopSearch\DesktopSearch.exe (.not file.)
O4 - HKUS\S-1-5-21-312726601-224231322-3187294837-1001\..\Run: [DesktopSearch] C:\ProgramData\DesktopSearch\DesktopSearch.exe (.not file.)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (...) - C:\Program Files\globalUpdate\Update\globalupdate.exe (.not file.)
[MD5.7FF1CD894D4F6D261A1086E58AF4C777] [APT] [JavaBuddy] (...) -- c:\programdata\{792f3594-ec7a-3a99-792f-f3594ec7d653}\nss721c.tmp.exe [313856]
[MD5.00000000000000000000000000000000] [APT] [Mleankifoue] (...) -- C:\ProgramData\Mleankifoue\1.0.4.1\onosnruw.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineUA] (...) -- C:\Program Files\Software\Update\SoftwareUpdate.exe (.not file.) [0]
O39 - APT: SoftwareUpdateTaskMachineUA - (...) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [920]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Advanced System~Protector_startup [3064]
O39 - APT: Mleankifoue - (...) -- C:\Windows\System32\Tasks\Mleankifoue [3458]
O39 - APT: SoftwareUpdateTaskMachineUA - (...) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [3892]
O42 - Logiciel: Advanced-System Protector - (.Advanced System Protector.) [HKLM] -- 00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1
O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM] -- AnyProtect
O42 - Logiciel: AnySend - (.CMI Limited.) [HKLM] -- ASPackage
O42 - Logiciel: DesktopSearch - (.Unique Solutions.) [HKLM] -- DesktopSearch
O42 - Logiciel: GoHD - (.InstallMoon.) [HKLM] -- GoHD
O42 - Logiciel: mystartsearch uninstall - (.mystartsearch.) [HKLM] -- mystartsearch uninstall
O42 - Logiciel: RegClean-Pro - (.systweak.com.) [HKLM] -- RegClean-Pro_is1
O42 - Logiciel: SmartWeb - (.SoftBrain Technologies Ltd..) [HKLM] -- SmartWeb
O42 - Logiciel: WordShark 1.10.0.20 - (.WordShark.) [HKLM] -- WordShark_1.10.0.20
O42 - Logiciel: youtubeadblocker - (...) [HKLM] -- {4820778D-AB0D-6D18-C316-52A6A0E1D507}
O42 - Logiciel: PricEeLeSs - (...) [HKLM] -- {75F9BF4A-AF67-A478-A37B-31D73186D3F3}
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM] -- {E199C882-78F1-45F1-9D8A-3DD3AF97A7C0}
HKLM\SOFTWARE\61144aeb-0cff-4f31-ae48-0a0fc98a1898
HKLM\SOFTWARE\Conduit
HKLM\SOFTWARE\GlobalUpdate
HKLM\SOFTWARE\InstalledBrowserExtensions
HKLM\SOFTWARE\SearchProtect
HKLM\SOFTWARE\Systweak
HKCU\SOFTWARE\AnyProtect
HKCU\SOFTWARE\APN PIP
HKCU\SOFTWARE\Boxore
HKCU\SOFTWARE\gamesdesktop
HKCU\SOFTWARE\globalUpdate
HKCU\SOFTWARE\GoHD
HKCU\SOFTWARE\GoHD-nv
HKCU\SOFTWARE\GoHD-nv-ie
HKCU\SOFTWARE\HomeTab
HKCU\SOFTWARE\InstalledBrowserExtensions
HKCU\SOFTWARE\Linkey
HKCU\SOFTWARE\SearchProtectWS
HKCU\SOFTWARE\SimplyTech
HKCU\SOFTWARE\systweak
HKCU\SOFTWARE\TNT2
HKCU\SOFTWARE\Tutorials
HKCU\SOFTWARE\TutoTag
HKCU\SOFTWARE\WajIEnhance
HKCU\SOFTWARE\WajIntEnhance
HKCU\SOFTWARE\AppDataLow\Software\Crossrider
HKCU\SOFTWARE\AppDataLow\Software\SmartWeb
3 - CFD: 2015/08/17 20:55:28 - [] D -- C:\Program Files\012e9767-fbd1-43af-97ea-e9c9f655a2fe
3 - CFD: 2015/08/17 20:44:05 - [] D -- C:\Program Files\Boxore
3 - CFD: 2015/08/17 21:15:33 - [] D -- C:\Program Files\globalUpdate
3 - CFD: 2015/08/17 20:43:20 - [] D -- C:\Program Files\Software
3 - CFD: 2015/08/17 21:15:33 - [0] D -- C:\ProgramData\Systweak
3 - CFD: 2015/08/17 21:15:33 - [0] D -- C:\Users\coco\AppData\Roaming\systweak
3 - CFD: 2015/08/17 21:11:50 - [] D -- C:\Users\coco\AppData\Local\DesktopSearch
3 - CFD: 2015/08/17 20:55:14 - [] D -- C:\Users\coco\AppData\Local\globalUpdate
O45 - LFCP:[MD5.67BE0465E126558CDD685D54DE9ECB91] 2015/08/17 20:55:06 A -- C:\Windows\Prefetch\ADVANCEDSYSTEMPROTECTOR.EXE-08B8726D.pf
O45 - LFCP:[MD5.A12980260996528B152650CBB3E8B5ED] 2015/08/17 20:56:47 A -- C:\Windows\Prefetch\ANYPROTECT.EXE-26E56693.pf
O45 - LFCP:[MD5.DAC43D0078B39C5BFE566AEA47F1DBCF] 2015/08/17 21:16:24 A -- C:\Windows\Prefetch\BOXORE.EXE-ACD45B58.pf
O45 - LFCP:[MD5.29859CF6DBD08D44AE49A730321459E0] 2015/08/17 20:50:29 A -- C:\Windows\Prefetch\DESKTOPSEARCH_SOFT_PARTNER.EX-3ECE2EB9.pf
O45 - LFCP:[MD5.809E292D3124452931EE66404DE05BEF] 2015/08/17 20:55:18 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-2F6BF1C0.pf
O45 - LFCP:[MD5.723ECED5DA11E76704291D97807F4B68] 2015/08/17 21:00:01 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-5FFC2713.pf
O45 - LFCP:[MD5.071B9C5022FE0BB8F32BAA2D15B8683B] 2015/08/17 21:00:00 A -- C:\Windows\Prefetch\GLOBALUPDATECRASHHANDLER.EXE-6626A863.pf
O45 - LFCP:[MD5.06BC0F33F66E947570B54533AA3917C8] 2015/08/17 20:44:32 A -- C:\Windows\Prefetch\GMSD_FR_005010062.EXE-69DD7766.pf
O45 - LFCP:[MD5.8AFE22D2BB5124FF410EB2A5328543A5] 2015/08/17 20:55:15 A -- C:\Windows\Prefetch\MOVIEDEA.EXE-D77BA584.pf
O45 - LFCP:[MD5.F6CFDAADF8404E2F7498CEA1AC2C9A03] 2015/08/17 20:43:29 A -- C:\Windows\Prefetch\SMARTWEBAPP.EXE-6B152240.pf
O45 - LFCP:[MD5.BD84A3FFD944A106BDA4921D2E3C88BF] 2015/08/17 20:43:27 A -- C:\Windows\Prefetch\SMARTWEBHELPER.EXE-B587E01B.pf
O45 - LFCP:[MD5.258A83B9A4AD788C6029A6A3B106EA44] 2015/08/17 20:54:54 A -- C:\Windows\Prefetch\SYSTWEAKASP.EXE-B0FD6CFC.pf
O45 - LFCP:[MD5.9F319A8BF071D5DE33A3712F94855745] 2015/08/17 20:54:54 A -- C:\Windows\Prefetch\SYSTWEAKASP.TMP-AF1A7E0E.pf
O45 - LFCP:[MD5.8B22F74F4A7958912C20E33AC96E4B86] 2015/08/17 20:47:33 A -- C:\Windows\Prefetch\UPGMSD_FR_005010062.EXE-B103E498.pf
O45 - LFCP:[MD5.7E66B81AE705A86654E629FA4A5840D6] 2015/08/17 20:56:01 A -- C:\Windows\Prefetch\WINDESKWINSEARCH_SILENT_S3.EX-FA95F796.pf
O45 - LFCP:[MD5.228F2B225E1DBAC0618ED01D4FD9BFB5] 2015/08/17 20:43:55 A -- C:\Windows\Prefetch\WORDSHARKAUTOUPDATECLIENT.EXE-2FC220F5.pf
O45 - LFCP:[MD5.179673EE51AD8442748CB3307BEBC1A6] 2015/08/17 20:43:33 A -- C:\Windows\Prefetch\WPM_V20.0.0.2294.EXE-21647F43.pf
O61 - LFC: 2015/08/17 20:55:58 A . (..) -- C:\Users\coco\AppData\Local\Microsoft\Windows\INetCache\IE\UM29H9MQ\WindeskWinsearch_silent_s3[1].exe [1022320]
O61 - LFC: 2015/08/17 20:56:26 A . (.AnyProtect.com.) -- C:\Users\coco\AppData\Local\Microsoft\Windows\INetCache\IE\UBGL6ZN9\AnyProtect[1].exe [6434816]
O61 - LFC: 2015/08/17 20:53:32 A . (..) -- C:\Users\coco\AppData\Local\Microsoft\Windows\INetCache\IE\UBGL6ZN9\MovieDea_t13_Setup[1].exe [1778553]
O61 - LFC: 2015/08/17 20:56:15 A . (.CMI Limited.) -- C:\Users\coco\AppData\Local\Microsoft\Windows\INetCache\IE\U7DLXTW7\AnyProtectSetup[1].exe [613255]
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (mystartsearch) - http://www.mystartsearch.com/
O69 - SBI: SearchScopes [HKCU] {E1D62C7A-2ECB-4A9B-9A7C-7D03BCBA9D67} [DefaultScope] - (Bing.com) - http://www.trovi.com/
O87 - FAEL: "{8E385C9E-6BE2-4106-899E-97551B8FBD07}" [In-None-P17-TRUE] .(...) -- C:\Users\coco\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe (.not file.)
O87 - FAEL: "{A7C6B83A-BF61-47AA-BC94-E067E200335E}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\GeePlayer\GeePlayer.exe (.not file.)
O87 - FAEL: "{FCCB27C7-F3BD-4FE0-9145-016C17339703}" [In-None-P17-TRUE] .(...) -- C:\Users\coco\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.)
O87 - FAEL: "{6AC33DC3-3360-4BB6-A288-054664464087}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.)
O87 - FAEL: "{8E71EDE5-83FC-4C4D-975D-151C492D2BD5}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.)
O87 - FAEL: "{339CF581-12FA-448E-9B4B-DA1A8C7CECFA}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\Common\QyKernel.exe (.not file.)
O87 - FAEL: "{FC73A0C2-7454-4E7B-AAC4-A608149515DD}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.)
O90 - PUC: "288C991E1F871F54D9A8D33DFA797A0C" . (.Boxore Client.) -- C:\Windows\Installer\{E199C882-78F1-45F1-9D8A-3DD3AF97A7C0}\Boxore.ico
[MD5.] [WIS][2015/08/17 20:43:20] (.The Software Group - Windows Installer XML Toolset (3.8.1128.0).) -- C:\Windows\Installer\1c6944.msi [45056]
[MD5.] [WIS][2015/08/17 20:44:04] (.Boxore OU - Windows Installer XML Toolset (3.8.1128.0).) -- C:\Windows\Installer\1c6948.msi [3878912]
C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44EBCB34-CC0C-4E08-9D4A-5CBE1077107A}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60AA9D8A-D70F-4750-B235-A4EF130B432D}
HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\Advanced System~Protector_startup
C:\Windows\System32\Tasks\Mleankifoue
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopSearch
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmartWeb
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WordShark_1.10.0.20
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E199C882-78F1-45F1-9D8A-3DD3AF97A7C0}
C:\Program Files\012e9767-fbd1-43af-97ea-e9c9f655a2fe
C:\Program Files\Boxore
C:\Program Files\globalUpdate
C:\Program Files\Software
C:\ProgramData\Systweak
C:\Users\coco\AppData\Roaming\systweak
C:\Users\coco\AppData\Local\DesktopSearch
C:\Users\coco\AppData\Local\globalUpdate
C:\Windows\Prefetch\ADVANCEDSYSTEMPROTECTOR.EXE-08B8726D.pf
C:\Windows\Prefetch\ANYPROTECT.EXE-26E56693.pf
C:\Windows\Prefetch\BOXORE.EXE-ACD45B58.pf
C:\Windows\Prefetch\DESKTOPSEARCH_SOFT_PARTNER.EX-3ECE2EB9.pf
C:\Windows\Prefetch\GLOBALUPDATE.EXE-2F6BF1C0.pf
C:\Windows\Prefetch\GLOBALUPDATE.EXE-5FFC2713.pf
C:\Windows\Prefetch\GLOBALUPDATECRASHHANDLER.EXE-6626A863.pf
C:\Windows\Prefetch\GMSD_FR_005010062.EXE-69DD7766.pf
C:\Windows\Prefetch\MOVIEDEA.EXE-D77BA584.pf
C:\Windows\Prefetch\SMARTWEBAPP.EXE-6B152240.pf
C:\Windows\Prefetch\SMARTWEBHELPER.EXE-B587E01B.pf
C:\Windows\Prefetch\SYSTWEAKASP.EXE-B0FD6CFC.pf
C:\Windows\Prefetch\SYSTWEAKASP.TMP-AF1A7E0E.pf
C:\Windows\Prefetch\UPGMSD_FR_005010062.EXE-B103E498.pf
C:\Windows\Prefetch\WINDESKWINSEARCH_SILENT_S3.EX-FA95F796.pf
C:\Windows\Prefetch\WORDSHARKAUTOUPDATECLIENT.EXE-2FC220F5.pf
C:\Windows\Prefetch\WPM_V20.0.0.2294.EXE-21647F43.pf
C:\Users\coco\AppData\Local\Microsoft\Windows\INetCache\IE\UM29H9MQ\WindeskWinsearch_silent_s3[1].exe
C:\Users\coco\AppData\Local\Microsoft\Windows\INetCache\IE\UBGL6ZN9\AnyProtect[1].exe
C:\Users\coco\AppData\Local\Microsoft\Windows\INetCache\IE\UBGL6ZN9\MovieDea_t13_Setup[1].exe
C:\Users\coco\AppData\Local\Microsoft\Windows\INetCache\IE\U7DLXTW7\AnyProtectSetup[1].exe
C:\Windows\Installer\{E199C882-78F1-45F1-9D8A-3DD3AF97A7C0}\Boxore.ico
HKLM\Software\Classes\Installer\Products\288C991E1F871F54D9A8D33DFA797A0C
HKLM\Software\Classes\Installer\Features\288C991E1F871F54D9A8D33DFA797A0C
C:\Windows\Installer\1c6944.msi
C:\Windows\Installer\1c6948.msi
O23 - Service: KVgibIvL (KVgibIvL) . (...) - C:\ProgramData\tOTpNUYqp\KVgibIvL.exe (.not file.)
O42 - Logiciel: Friendly Error - (...) [HKLM] -- FriendlyError
O87 - FAEL: "TCP Query User{835DECB2-5BAC-49A7-9D7B-95759FCFEC4A}C:\users\coco\desktop\flashget 3\flashget3.exe" [In-None-P6-TRUE] .(...) -- C:\users\coco\desktop\flashget 3\flashget3.exe (.not file.)
O87 - FAEL: "UDP Query User{13B4C7B3-ED8C-4DEA-AD6E-62DE4B1F68B3}C:\users\coco\desktop\flashget 3\flashget3.exe" [In-None-P17-TRUE] .(...) -- C:\users\coco\desktop\flashget 3\flashget3.exe (.not file.)
G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ads.ad4game.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://b.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://d3kjggt7tl9go7.cloudfront.net/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://r1---sn-25ge7n7k.gvt1.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://redirector.gvt1.com/
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
O39 - APT: JavaBuddy - (...) -- C:\Windows\Tasks\JavaBuddy.job [352]
O39 - APT: JavaBuddy - (...) -- C:\Windows\System32\Tasks\JavaBuddy [3236]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CORENTIN-coco corentin [5068]
HKLM\SOFTWARE\FolderUpdater
O43 - CFD: 2015/08/17 20:43:30 - [] D -- C:\ProgramData\{792f3594-ec7a-3a99-792f-f3594ec7d653}
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- Chrome.exe
EmptyPrefetch
EmptyFlash
FirewallRAZ
EmptyTemp
EMPTYCLSID
HostFix
IFEOFix
SYSRESTORE
[/code]
