cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix


Lignes indésirables :
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:55457;https=127.0.0.1:55457 =>Hijacker.Proxy
O1 - Hosts: 64.1.1.2 epc => Infection Hosts (Hosts.Redirection)↓
O4 - GS\Desktop [Public]: VideoPlayer.lnk . (.Tuguu SL - VAFPlayer.) -- C:\Program Files (x86)\VideoPlayer\VAFPlayer.exe =>PUP.VAFPlayer
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_50] Clé orpheline =>Adware.FreeSoftToday
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe =>Crapware.SpyHunter
[MD5.00000000000000000000000000000000] [APT] [Run_Bobby_Browser] (...) -- C:\Users\Utilisateur\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) [0] =>PUP.BoBrowser
[MD5.633BB002E3061041EE6B1D3136E773E7] [APT] [SpyHunter4Startup] (.Enigma Software Group USA, LLC..) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [7580544] =>Crapware.SpyHunter
O42 - Logiciel: VideoPlayer v2.0.6 - (.TUGUU SL.) [HKLM][64Bits] -- VideoPlayer =>PUP.VAFPlayer
[HKCU\Software\Savevid] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp
O44 - LFC:[MD5.57B7ABC2B944F22D6B989DDE9C708261] - 04/12/2014 - 02:03:12 ---A- . (.Windows Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\b786bdb3c67d.sys [46920] => PUP.Salus
O58 - SDL:04/12/2014 - 02:03:12 ---A- . (.Windows Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\Drivers\b786bdb3c67d.sys [46920] => PUP.Salus
O64 - Services: CurCS - 05/12/2014 - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (esgiguard) .(.Enigma Software Group USA, LLC. - Execution Guard.) - LEGACY_ESGIGUARD =>Crapware.SpyHunter
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Utilisateur\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) =>PUP.BoBrowser
SR - | Auto 05/12/2014 1025920 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe =>Crapware.SpyHunter
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run_Bobby_Browser] =>PUP.BoBrowser^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup] =>Crapware.SpyHunter^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VideoPlayer] =>PUP.VAFPlayer^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_50 =>Adware.FreeSoftToday^
C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\kgntugow.default\VideoDownloadConverter_4z =>Adware.VideoDownloadConverter
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe =>Crapware.SpyHunter^
[HKCU\Software\Savevid] =>Adware.Bandoo^
[HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp^
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O43 - CFD: 17/09/2012 - 15:43:35 - [] ----D C:\Users\Utilisateur\AppData\Local\CRE
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}]

Lignes superflues ou inutiles :
O43 - CFD: 07/03/2013 - 14:18:05 - [] ----D C:\Users\Utilisateur\AppData\Local\TempDIR => TempDIR
O61 - LFC: 05/12/2014 - 16:16:39 ---A- . (...) -- C:\Users\Utilisateur\AppData\Local\Temp\Quarantine.exe [601088] => Temporary file not necessary
O61 - LFC: 08/12/2014 - 16:16:39 ---A- . (...) -- C:\Users\Utilisateur\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj97rik.dll [43008] => Temporary file not necessary
MD5.00000000000000000000000000000000] [APT] [{B972D672-879A-499C-8E86-2F0928692BEE}] (...) -- C:\Users\Utilisateur\Downloads\dotnetfx35.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{F4E0557A-EF6A-488E-BC80-DA732690EDB2}] (...) -- C:\Program Files (x86)\Palm\QuickInstall.exe (.not file.) [0] => Fichier absent
O4 - HKCU\..\Run: [ZoomIt] C:\Users\Utilisateur\Downloads\ZoomIt(1)\ZoomIt.exe (.not file.) => Fichier absent
O4 - HKUS\S-1-5-21-3156620691-3695665674-2686186137-1000\..\Run: [ZoomIt] C:\Users\Utilisateur\Downloads\ZoomIt(1)\ZoomIt.exe (.not file.) => Fichier absent

Lignes d'optimisation du démarrage :
OPT:O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
OPT:O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
OPT:O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
OPT:SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe


EmptyClsid
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash


Publicité


Signaler le contenu de ce document

Publicité