Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
G1 - GCS: Preference [User Data\Default] http://www.arabyonline.com
G2 - GCE: Preference [User Data\Default] [cckahkoimnbpflhhobnanhfdihegpedf] Plus-HD-9.4 v.1.26.104, (Activ�) =>Adware.PlusHD
G2 - EXT: C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckahkoimnbpflhhobnanhfdihegpedf [Plus-HD-9.4] =>Adware.PlusHD
M0 - MFSP: prefs.js [y - 2da8o6js.default] http://www.arabyonline.com
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.arabyonline.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.arabyonline.com
O2 - BHO: YTAHelperBHO - {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} . (...) -- C:\ProgramData\YTAHelper\YTAHelper.dll (.not file.)
[MD5.00000000000000000000000000000000] [APT] [YTAHelper] (...) -- C:\Program Files\YTAHelper\YTAHelper.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [YTAUpdate] (...) -- C:\Program Files\YOUTUB~1\Updater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [YTAUpdate_logon] (...) -- C:\Program Files\YOUTUB~1\Updater.exe (.not file.) [0]
O4 - HKLM\..\Run: [SPDriver] C:\Program Files\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKCU\..\Run: [GoobzoYouTubeAccelerator] C:\Program Files\YouTube Accelerator\YouTubeAccelerator.exe (.not file.) =>PUP.Goobzo
O4 - HKCU\..\Run: [SPDriver] C:\Program Files\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKUS\S-1-5-21-3455074014-746431088-4093554543-1000\..\Run: [GoobzoYouTubeAccelerator] C:\Program Files\YouTube Accelerator\YouTubeAccelerator.exe (.not file.) =>PUP.Goobzo
O4 - HKUS\S-1-5-21-3455074014-746431088-4093554543-1000\..\Run: [SPDriver] C:\Program Files\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - GS\Desktop [y]: Softonic.lnk . (...) -- C:\Users\y\AppData\Local\Softonic\Softonic.exe (.not file.) =>Toolbar.Conduit
O42 - Logiciel: Softonic for Windows - (.Softonic International S.L..) [HKCU] -- Softonic for Windows =>Toolbar.Conduit
O53 - SMSR:HKLM\...\startupreg\Softonic for Windows [Key] . (...) -- C:\Users\y\AppData\Local\Softonic\Softonic.exe (.not file.) =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic for Windows] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Softonic for Windows] =>Toolbar.Conduit^
O23 - Service: ShopperPro Update (SPBIUpd) . (...) - C:\Program Files\Common Files\ShopperPro\spbiu.exe (.not file.) =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [4CEFD9B73D6C-1CRMOI2] (...) -- C:\Users\y\AppData\Roaming\ARHome\Updater.exe (.not file.) [0] =>Trojan.Vonteera
[MD5.00000000000000000000000000000000] [APT] [5FOFD9B73D6C-2CRMOI6] (...) -- C:\Users\y\AppData\Roaming\ARHome\Updater.exe (.not file.) [0] =>Trojan.Vonteera
[MD5.00000000000000000000000000000000] [APT] [SPBIW_UpdateTask_Time_3334393430323334332d3437415a556c2a3223346c41] (...) -- C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe (.not file.) [0] =>PUP.ShopperPro
O41 - Driver: ({b99c8534-7800-48fa-bd71-519a46cdc7e1}w) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w.sys =>PUP.LinkiDoo
O42 - Logiciel: PC Data App - (...) [HKLM] -- PCData App =>Trojan.BitCoinMiner
O42 - Logiciel: Plus-HD-9.4 - (.Plus HD.) [HKLM] -- Plus-HD-9.4 =>Adware.PlusHD
O42 - Logiciel: Shopper-Pro - (...) [HKLM] -- ShopperPro =>PUP.ShopperPro
O42 - Logiciel: YouTube Accelerator - (.Goobzo Ltd..) [HKLM] -- YouTube Accelerator =>PUP.Goobzo
O42 - Logiciel: iWebar - (.iWebar.) [HKLM] -- iWebar =>PUP.iWebar
[HKCU\Software\AppDataLow\Software\Plus-HD-9.4] =>Adware.PlusHD
[HKCU\Software\AppDataLow\Software\iWebar] =>PUP.iWebar
[HKCU\Software\ShopperPro] =>PUP.ShopperPro
O43 - CFD: 12/06/2014 - 09:36:03 - [] ----D C:\Program Files\Plus-HD-9.4 =>Adware.PlusHD
O45 - LFCP:[MD5.017078B51D06BC658E3FD4D82AB348D6] - 28/06/2014 - 22:00:02 ---A- - C:\Windows\Prefetch\BROWSEMARK.BROWSERADAPTER.EXE-139AF718.pf =>PUP.BrowseMark
O58 - SDL:13/05/2014 - 14:55:48 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w.sys [52928] =>PUP.LinkiDoo
O61 - LFC: 27/06/2014 - 01:29:10 ---A- . (...) -- C:\Users\y\AppData\Local\Temp\ShopperProJSINJFull.exe [4240056] =>PUP.ShopperPro
O64 - Services: CurCS - 13/05/2014 - C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w.sys ({b99c8534-7800-48fa-bd71-519a46cdc7e1}w) .(.StdLib - StdLib.) - LEGACY_{B99C8534-7800-48FA-BD71-519A46CDC7E1}W =>PUP.LinkiDoo
SS - | Auto 10/07/1658 0 | (SPBIUpd) . (...) - C:\Program Files\Common Files\ShopperPro\spbiu.exe =>PUP.ShopperPro
[HKLM\Software\Google\Chrome\Extensions\cckahkoimnbpflhhobnanhfdihegpedf] =>Adware.PlusHD^
[HKLM\SYSTEM\CurrentControlSet\Services\SPBIUpd] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCData App] =>Trojan.BitCoinMiner^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-9.4] =>Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator] =>PUP.Goobzo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iWebar] =>PUP.iWebar^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:GoobzoYouTubeAccelerator =>PUP.Goobzo^
C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckahkoimnbpflhhobnanhfdihegpedf =>Adware.PlusHD^
C:\Program Files\Plus-HD-9.4 =>Adware.PlusHD^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[HKCU\Software\AppDataLow\Software\Plus-HD-9.4] =>Adware.PlusHD^
[HKCU\Software\AppDataLow\Software\iWebar] =>PUP.iWebar^
[HKCU\Software\ShopperPro] =>PUP.ShopperPro^
EmptyFlash
EmptyTemp
EmptyClsid
Emptyprefetch
FirewallRaz
Proxyfix
SysRestore
G1 - GCS: Preference [User Data\Default] http://www.arabyonline.com
G2 - GCE: Preference [User Data\Default] [cckahkoimnbpflhhobnanhfdihegpedf] Plus-HD-9.4 v.1.26.104, (Activ�) =>Adware.PlusHD
G2 - EXT: C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckahkoimnbpflhhobnanhfdihegpedf [Plus-HD-9.4] =>Adware.PlusHD
M0 - MFSP: prefs.js [y - 2da8o6js.default] http://www.arabyonline.com
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.arabyonline.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.arabyonline.com
O2 - BHO: YTAHelperBHO - {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} . (...) -- C:\ProgramData\YTAHelper\YTAHelper.dll (.not file.)
[MD5.00000000000000000000000000000000] [APT] [YTAHelper] (...) -- C:\Program Files\YTAHelper\YTAHelper.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [YTAUpdate] (...) -- C:\Program Files\YOUTUB~1\Updater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [YTAUpdate_logon] (...) -- C:\Program Files\YOUTUB~1\Updater.exe (.not file.) [0]
O4 - HKLM\..\Run: [SPDriver] C:\Program Files\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKCU\..\Run: [GoobzoYouTubeAccelerator] C:\Program Files\YouTube Accelerator\YouTubeAccelerator.exe (.not file.) =>PUP.Goobzo
O4 - HKCU\..\Run: [SPDriver] C:\Program Files\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKUS\S-1-5-21-3455074014-746431088-4093554543-1000\..\Run: [GoobzoYouTubeAccelerator] C:\Program Files\YouTube Accelerator\YouTubeAccelerator.exe (.not file.) =>PUP.Goobzo
O4 - HKUS\S-1-5-21-3455074014-746431088-4093554543-1000\..\Run: [SPDriver] C:\Program Files\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - GS\Desktop [y]: Softonic.lnk . (...) -- C:\Users\y\AppData\Local\Softonic\Softonic.exe (.not file.) =>Toolbar.Conduit
O42 - Logiciel: Softonic for Windows - (.Softonic International S.L..) [HKCU] -- Softonic for Windows =>Toolbar.Conduit
O53 - SMSR:HKLM\...\startupreg\Softonic for Windows [Key] . (...) -- C:\Users\y\AppData\Local\Softonic\Softonic.exe (.not file.) =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic for Windows] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Softonic for Windows] =>Toolbar.Conduit^
O23 - Service: ShopperPro Update (SPBIUpd) . (...) - C:\Program Files\Common Files\ShopperPro\spbiu.exe (.not file.) =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [4CEFD9B73D6C-1CRMOI2] (...) -- C:\Users\y\AppData\Roaming\ARHome\Updater.exe (.not file.) [0] =>Trojan.Vonteera
[MD5.00000000000000000000000000000000] [APT] [5FOFD9B73D6C-2CRMOI6] (...) -- C:\Users\y\AppData\Roaming\ARHome\Updater.exe (.not file.) [0] =>Trojan.Vonteera
[MD5.00000000000000000000000000000000] [APT] [SPBIW_UpdateTask_Time_3334393430323334332d3437415a556c2a3223346c41] (...) -- C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe (.not file.) [0] =>PUP.ShopperPro
O41 - Driver: ({b99c8534-7800-48fa-bd71-519a46cdc7e1}w) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w.sys =>PUP.LinkiDoo
O42 - Logiciel: PC Data App - (...) [HKLM] -- PCData App =>Trojan.BitCoinMiner
O42 - Logiciel: Plus-HD-9.4 - (.Plus HD.) [HKLM] -- Plus-HD-9.4 =>Adware.PlusHD
O42 - Logiciel: Shopper-Pro - (...) [HKLM] -- ShopperPro =>PUP.ShopperPro
O42 - Logiciel: YouTube Accelerator - (.Goobzo Ltd..) [HKLM] -- YouTube Accelerator =>PUP.Goobzo
O42 - Logiciel: iWebar - (.iWebar.) [HKLM] -- iWebar =>PUP.iWebar
[HKCU\Software\AppDataLow\Software\Plus-HD-9.4] =>Adware.PlusHD
[HKCU\Software\AppDataLow\Software\iWebar] =>PUP.iWebar
[HKCU\Software\ShopperPro] =>PUP.ShopperPro
O43 - CFD: 12/06/2014 - 09:36:03 - [] ----D C:\Program Files\Plus-HD-9.4 =>Adware.PlusHD
O45 - LFCP:[MD5.017078B51D06BC658E3FD4D82AB348D6] - 28/06/2014 - 22:00:02 ---A- - C:\Windows\Prefetch\BROWSEMARK.BROWSERADAPTER.EXE-139AF718.pf =>PUP.BrowseMark
O58 - SDL:13/05/2014 - 14:55:48 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w.sys [52928] =>PUP.LinkiDoo
O61 - LFC: 27/06/2014 - 01:29:10 ---A- . (...) -- C:\Users\y\AppData\Local\Temp\ShopperProJSINJFull.exe [4240056] =>PUP.ShopperPro
O64 - Services: CurCS - 13/05/2014 - C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w.sys ({b99c8534-7800-48fa-bd71-519a46cdc7e1}w) .(.StdLib - StdLib.) - LEGACY_{B99C8534-7800-48FA-BD71-519A46CDC7E1}W =>PUP.LinkiDoo
SS - | Auto 10/07/1658 0 | (SPBIUpd) . (...) - C:\Program Files\Common Files\ShopperPro\spbiu.exe =>PUP.ShopperPro
[HKLM\Software\Google\Chrome\Extensions\cckahkoimnbpflhhobnanhfdihegpedf] =>Adware.PlusHD^
[HKLM\SYSTEM\CurrentControlSet\Services\SPBIUpd] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCData App] =>Trojan.BitCoinMiner^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-9.4] =>Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator] =>PUP.Goobzo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iWebar] =>PUP.iWebar^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:GoobzoYouTubeAccelerator =>PUP.Goobzo^
C:\Users\y\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckahkoimnbpflhhobnanhfdihegpedf =>Adware.PlusHD^
C:\Program Files\Plus-HD-9.4 =>Adware.PlusHD^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[HKCU\Software\AppDataLow\Software\Plus-HD-9.4] =>Adware.PlusHD^
[HKCU\Software\AppDataLow\Software\iWebar] =>PUP.iWebar^
[HKCU\Software\ShopperPro] =>PUP.ShopperPro^
EmptyFlash
EmptyTemp
EmptyClsid
Emptyprefetch
FirewallRaz
Proxyfix
SysRestore