cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=st750lm022xhn-m750mbb_s2y1j9ada00977 =>Trojan.Staser
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.yac.mx/?utm_source=b&utm_medium=iSafe&from=iSafe&uid=st750lm022xhn-m750mbb_s2y1j9ada00977 =>Trojan.Staser
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com =>Hijacker.Qone8
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=b&utm_medium=isafe&from=isafe&uid=st750lm022xhn-m750mbb_s2y1j9ada00977 =>Trojan.Staser
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com =>Hijacker.Qone8
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com =>Hijacker.Qone8
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.yac.mx/?utm_source=b&utm_medium=isafe&from=isafe&uid=st750lm022xhn-m750mbb_s2y1j9ada00977 =>Trojan.Staser
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com =>Hijacker.Qone8
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_135] Cl� orpheline =>PUA.FSTfr9
[MD5.00000000000000000000000000000000] [APT] [SpyHunter4Startup] (...) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (.not file.) [0] =>Crapware.SpyHunter
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\WeDlMngr] =>PUP.weDownloadManager
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
O43 - CFD: 02/04/2014 - 21:31:11 - [0] ----D C:\Program Files (x86)\Software
O43 - CFD: 02/04/2014 - 19:39:03 - [0] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 05/04/2014 - 18:12:03 - [10,218] ----D C:\Users\Lysie\AppData\Roaming\iSafe =>Trojan.Staser
O43 - CFD: 03/04/2014 - 21:41:11 - [0,507] ----D C:\Users\Lysie\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 02/04/2014 - 17:11:48 - [0] ----D C:\Users\Lysie\AppData\Local\Lollipop =>Adware.Lollipop
O43 - CFD: 02/04/2014 - 17:26:34 - [0] ----D C:\Users\Lysie\AppData\Local\Software
O44 - LFC:[MD5.ADB6D8FC167ADD268A63F2F3CF0E13BA] - 02/04/2014 - 19:47:38 ---A- . (...) -- C:\Windows\Reimage.ini [163] =>Rogue.ReimageRepair
O45 - LFCP:[MD5.E2F4C2B1BD4F80580F3558C0C1B1EA16] - 02/04/2014 - 07:56:02 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER (1).EXE-196FE677.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.90A02D2FBF244726008B5F3D0C2347B8] - 02/04/2014 - 07:56:55 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER.EXE-84675E35.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.D756D2EBC5A35C7280EAD11493B6A8D4] - 02/04/2014 - 13:52:27 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER (3).EXE-E454C8F1.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.06092AAFEC1A5B06DFB5103610F19A1E] - 02/04/2014 - 13:54:25 ---A- - C:\Windows\Prefetch\PRICEPEEP_EN_0303-A419CB8D.EX-6983A024.pf =>Adware.PricePeep
O45 - LFCP:[MD5.2CFF4D96B182B96C13A284E4E1915BFF] - 02/04/2014 - 18:48:15 ---A- - C:\Windows\Prefetch\REIMAGE.EXE-BEE43FC1.pf =>Rogue.ReimageRepair
O45 - LFCP:[MD5.A90207FC49CEBEA0576971964DD42FAC] - 02/04/2014 - 19:47:49 ---A- - C:\Windows\Prefetch\REIMAGEREPAIR.EXE-2492A54D.pf =>Rogue.ReimageRepair
O45 - LFCP:[MD5.E97C22776DD267495D4DB2732DE4D78C] - 03/04/2014 - 07:24:08 ---A- - C:\Windows\Prefetch\BU_.EXE-49DB8802.pf
O45 - LFCP:[MD5.00DD8E5AE0B0806FCE0EDD3381CB1BE6] - 05/04/2014 - 14:49:35 ---A- - C:\Windows\Prefetch\ISAFESCAN.EXE-BEDBDBDC.pf =>Trojan.Staser
O45 - LFCP:[MD5.26DB8B84A7F64A1739DF869077B58B13] - 05/04/2014 - 16:48:52 ---A- - C:\Windows\Prefetch\ISAFETRAY.EXE-F929161B.pf =>Trojan.Staser
O45 - LFCP:[MD5.979B41FE42233AFB842A646B8148B60C] - 05/04/2014 - 17:11:22 ---A- - C:\Windows\Prefetch\ISAFE.EXE-A6C8B403.pf =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:02 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\0a262e80d1faf10e7a279e15bb763e46_16_16.png [432] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:03 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\25bd56f86c3d010a1ab6624d393e47dd.ico [23558] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:03 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\25bd56f86c3d010a1ab6624d393e47dd_32_32.png [1734] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:03 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\70d8947ec88e558a5efd49d4bb196d2f.ico [5430] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:03 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\70d8947ec88e558a5efd49d4bb196d2f_32_32.png [2763] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:03 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\768563f83e4da72d5479620179d949a9.ico [77267] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:03 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\768563f83e4da72d5479620179d949a9_32_32.png [2941] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:03 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\7a139a2d12091918fec423e6f508dbc8.ico [5430] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:03 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\7a139a2d12091918fec423e6f508dbc8_16_16.png [977] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:04 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\af0467069956215b9a3bdf8219c10e23.ico [4710] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:04 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\af0467069956215b9a3bdf8219c10e23_16_16.png [299] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:04 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\b2912671b276413f8c1d771f451b8abb_32_32.png [1193] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:04 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\b41d1870ba53408058c59e6c47197a09.ico [25214] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:04 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\b41d1870ba53408058c59e6c47197a09_32_32.png [2785] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:04 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\b83d65c9634a1802289555164783bfb9.ico [42002] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:04 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\b83d65c9634a1802289555164783bfb9_32_32.png [2337] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:05 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\ccd5995cc8391b1de4ec51d9b3c66739.ico [4710] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:05 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\ccd5995cc8391b1de4ec51d9b3c66739_32_32.png [622] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:05 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\d5094582c4a57ed9c16129849812f46a_32_32.png [1193] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:05 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\e9e0342ca0f0cd6fe38a449cdeb4c411.ico [23558] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:05 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\ico\e9e0342ca0f0cd6fe38a449cdeb4c411_16_16.png [762] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:06 ---A- . (...) -- C:\Users\Lysie\AppData\Roaming\iSafe\softmgr.dat [24576] =>Trojan.Staser
O61 - LFC: 05/04/2014 - 10:56:07 ---A- . (...) -- C:\Users\Lysie\Downloads\Allin1Convert.exe [443272] =>Adware.Allin1Convert
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (qone8) - http://www.qone8.com =>Hijacker.Qone8
HKLM\\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 =>PUP.AdvancedSystemProtector
HKLM\\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS =>PUP.AdvancedSystemProtector
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_135 =>PUA.FSTfr9^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\Lysie\AppData\Roaming\iSafe =>Trojan.Staser^
C:\Users\Lysie\AppData\Roaming\SupTab =>PUP.SupTab^
C:\Users\Lysie\AppData\Local\Lollipop =>Adware.Lollipop^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\Lysie\AppData\Local\Software =>Adware.Boxore
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive^
[HKCU\Software\WeDlMngr] =>PUP.weDownloadManager^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
[HKLM\Software\Wow6432Node\AVG SafeGuard toolbar]
O43 - CFD: 02/04/2014 - 19:30:55 - [0] ----D C:\Users\Lysie\AppData\Local\SearchProtect =>Toolbar.Conduit
O45 - LFCP:[MD5.1F631F83F078B1964AEA11B2359194CD] - 29/03/2014 - 12:20:26 ---A- - C:\Windows\Prefetch\EBAY2.EXE-3ADA6F16.pf =>Toolbar.eBay
O61 - LFC: 08/04/2014 - 10:55:55 ---A- . (...) -- C:\Users\Lysie\AppData\Local\Packages\eBayInc.eBay_1618n3s9xq8tw\Settings\settings.dat [8192] =>Toolbar.eBay
HKLM\\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
[HKLM\Software\Wow6432Node\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
C:\Users\Lysie\AppData\Local\SearchProtect =>Toolbar.Conduit^
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid

Publicité


Signaler le contenu de ce document

Publicité