cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix

Lignes indésirables :
O23 - Service: (Archer) . (.QingYeKeJi - ArcherSvc.) - C:\Program Files (x86)\WinArcher\Archer.dll =>PUP.Optional.Youndoo
O23 - Service: Magelyanadasp (Magelyanadasp) . (...) - C:\Program Files (x86)\Shizuwazocult\CncCnt.dll =>Adware.Suspect
O23 - Service: UvConv (UvConv) . (...) - C:\Users\Charles\AppData\Roaming\eibeh\UvConverter.exe =>Adware.CornerSunshine
O23 - Service: (WinSAPSvc) . (...) - C:\ProgramData\WinSAPSvc\WinSAP.dll =>PUP.Optional.Youndoo
SR - Auto [16/11/2016] [ 323072] (Archer) . (.QingYeKeJi.) - C:\Program Files (x86)\WinArcher\Archer.dll =>PUP.Optional.Youndoo
SR - Demand [22/11/2016] [ 626688] iThemes5 (iThemes5) . (...) - C:\Program Files (x86)\Common Files\Services\iThemes.dll =>Adware.CornerSunshine
SR - Auto [09/11/2016] [ 276480] Magelyanadasp (Magelyanadasp) . (...) - C:\Program Files (x86)\Shizuwazocult\CncCnt.dll =>Adware.Suspect
SR - Auto [20/09/2016] [ 324224] UvConv (UvConv) . (...) - C:\Users\Charles\AppData\Roaming\eibeh\UvConverter.exe =>Adware.CornerSunshine
SR - Auto [20/09/2016] [ 324224] (WinSAPSvc) . (...) - C:\ProgramData\WinSAPSvc\WinSAP.dll =>PUP.Optional.Youndoo
[MD5.7C91D6E0C6C4E34F3400FED08300ACEB] [APT] [Update Service for Youtube AdBlock] (...) -- C:\Program Files (x86)\Youtube AdBlock\cVOMSVe.exe [324224] (.Activate.) =>PUP.Optional.YouTubeAdBlock
[MD5.7C91D6E0C6C4E34F3400FED08300ACEB] [APT] [Update Service for Youtube AdBlock2] (...) -- C:\Program Files (x86)\Youtube AdBlock\cVOMSVe.exe [324224] (.Activate.) =>PUP.Optional.YouTubeAdBlock
O39 - APT: Update Service for Youtube AdBlock - (...) -- C:\WINDOWS\Tasks\Update Service for Youtube AdBlock.job [324224] =>PUP.Optional.YouTubeAdBlock
O39 - APT: Update Service for Youtube AdBlock2 - (...) -- C:\WINDOWS\Tasks\Update Service for Youtube AdBlock2.job [324224] =>PUP.Optional.YouTubeAdBlock
O39 - APT: Update Service for Youtube AdBlock - (...) -- C:\WINDOWS\System32\Tasks\Update Service for Youtube AdBlock [324224] =>PUP.Optional.YouTubeAdBlock
O39 - APT: Update Service for Youtube AdBlock2 - (...) -- C:\WINDOWS\System32\Tasks\Update Service for Youtube AdBlock2 [324224] =>PUP.Optional.YouTubeAdBlock
[MD5.3341B39E9FC85340B9895D6C0BB0792C] - (...) -- C:\Users\Charles\AppData\Roaming\eibeh\UvConverter.exe [393216] [PID.3020] =>Adware.CornerSunshine
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.amisites.com/ =>Hijacker.Amisites
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.amisites.com/ =>Hijacker.Amisites
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.amisites.com/ =>Hijacker.Amisites
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.amisites.com/ =>Hijacker.Amisites
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/ =>Hijacker.Amisites
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.amisites.com/ =>Hijacker.Amisites
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/ =>Hijacker.Amisites
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.amisites.com/ =>Hijacker.Amisites
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.amisites.com/ =>Hijacker.Amisites
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amisites.com/ =>Hijacker.Amisites
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.amisites.com/ =>Hijacker.Amisites
O2 - BHO: Youtube AdBlock [64Bits] - {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} . (...) -- C:\Program Files (x86)\Youtube AdBlock\IEEF\LXLQCy9.dll =>PUP.Optional.YouTubeAdBlock
HKLM\SOFTWARE\Wow6432Node\8C12D96B9597FBBD8EA44E2AFD3B9F51 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\amisitesSoftware =>Hijacker.Amisites
HKLM\SOFTWARE\Wow6432Node\OtherSearch =>PUP.Optional.FastSearch
HKLM\SOFTWARE\Wow6432Node\UvConv =>Adware.CornerSunshine
HKLM\SOFTWARE\Wow6432Node\WinArcher =>PUP.Optional.Youndoo
HKCU\SOFTWARE\8C12D96B9597FBBD8EA44E2AFD3B9F51 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Distromatic =>PUP.Optional.AlexaTB
HKCU\SOFTWARE\IM =>Adware.InstallCore
HKCU\SOFTWARE\WebDiscoverBrowser =>PUP.Optional.WebDisco
O43 - CFD: 22/11/2016 - [] D -- C:\Program Files (x86)\78E6E302-1478715019-E611-B27E-A08CFD78C6A9 =>PUP.Optional.CrossRider
O43 - CFD: 22/11/2016 - [] D -- C:\Program Files (x86)\OtherSearch =>PUP.Optional.FastSearch
O43 - CFD: 23/11/2016 - [0] D -- C:\Program Files (x86)\UvConverter =>Adware.CornerSunshine
O43 - CFD: 22/11/2016 - [] D -- C:\Program Files (x86)\WinArcher =>PUP.Optional.Youndoo
O43 - CFD: 22/11/2016 - [] D -- C:\Program Files (x86)\Youtube AdBlock =>PUP.Optional.YouTubeAdBlock
O43 - CFD: 23/11/2016 - [] D -- C:\ProgramData\WinSAPSvc =>PUP.Optional.Youndoo
O45 - LFCP:[MD5.502D4DF960DB0BA2754D24E34C1E6271] 23/11/2016 A -- C:\WINDOWS\Prefetch\UVCONVERTER.EXE-4A57F394.pf =>Adware.CornerSunshine
O45 - LFCP:[MD5.8B7BACCC31328537CED9FB6F235875B0] 22/11/2016 A -- C:\WINDOWS\Prefetch\ZDENGINE.EXE-D773E5BA.pf =>PUP.Optional.FastSearch
O61 - LFC: 2016/11/15 16:13:12 A . (..) -- C:\Users\Charles\AppData\Roaming\eibeh\UvConverter.exe [393216] =>Adware.CornerSunshine
O61 - LFC: 2016/11/22 20:35:55 A . (..) -- C:\Users\Charles\AppData\Local\Temp\E8CA81D0-3047-4E23-95B3-DB7674A3A681\s2s_install.exe [8623304] =>Heuristic.Suspect
O61 - LFC: 2016/11/22 20:35:07 A . (..) -- C:\Users\Charles\AppData\Local\Temp\9EC67E00-8BC5-48A0-97A7-7B72D0D689F1\s2s_install.exe [8623304] =>Heuristic.Suspect
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (amisites) - http://www.amisites.com/ =>Hijacker.Amisites
O69 - SBI: SearchScopes [HKLM] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (amisites) - http://www.amisites.com/ =>Hijacker.Amisites
O90 - PUC: "F39E5917C417B4041A46F88010121C6E" . (.UvConverter.) =>Adware.CornerSunshine
HKLM\SYSTEM\CurrentControlSet\Services\Archer =>PUP.Optional.Youndoo
C:\Program Files (x86)\WinArcher\Archer.dll =>PUP.Optional.Youndoo
HKLM\SYSTEM\CurrentControlSet\Services\Magelyanadasp =>Adware.Suspect
C:\Program Files (x86)\Shizuwazocult\CncCnt.dll =>Adware.Suspect
HKLM\SYSTEM\CurrentControlSet\Services\UvConv =>Adware.CornerSunshine
C:\Users\Charles\AppData\Roaming\eibeh\UvConverter.exe =>Adware.CornerSunshine
HKLM\SYSTEM\CurrentControlSet\Services\WinSAPSvc =>PUP.Optional.Youndoo
C:\ProgramData\WinSAPSvc\WinSAP.dll =>PUP.Optional.Youndoo
HKLM\SYSTEM\CurrentControlSet\Services\iThemes5 =>Adware.CornerSunshine
C:\Program Files (x86)\Common Files\Services\iThemes.dll =>Adware.CornerSunshine
HKLM\SOFTWARE\Wow6432Node\8C12D96B9597FBBD8EA44E2AFD3B9F51 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\amisitesSoftware =>Hijacker.Amisites
HKLM\SOFTWARE\Wow6432Node\OtherSearch =>PUP.Optional.FastSearch
HKLM\SOFTWARE\Wow6432Node\UvConv =>Adware.CornerSunshine
HKLM\SOFTWARE\Wow6432Node\WinArcher =>PUP.Optional.Youndoo
HKCU\SOFTWARE\8C12D96B9597FBBD8EA44E2AFD3B9F51 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Distromatic =>PUP.Optional.AlexaTB
HKCU\SOFTWARE\IM =>Adware.InstallCore
HKCU\SOFTWARE\WebDiscoverBrowser =>PUP.Optional.WebDisco
C:\Program Files (x86)\78E6E302-1478715019-E611-B27E-A08CFD78C6A9 =>PUP.Optional.CrossRider
C:\Program Files (x86)\OtherSearch =>PUP.Optional.FastSearch
C:\Program Files (x86)\UvConverter =>Adware.CornerSunshine
C:\Program Files (x86)\WinArcher =>PUP.Optional.Youndoo
C:\ProgramData\WinSAPSvc =>PUP.Optional.Youndoo
C:\WINDOWS\Prefetch\UVCONVERTER.EXE-4A57F394.pf =>Adware.CornerSunshine
C:\WINDOWS\Prefetch\ZDENGINE.EXE-D773E5BA.pf =>PUP.Optional.FastSearch
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} =>Hijacker.Amisites
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} =>Hijacker.Amisites
HKLM\Software\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E =>Adware.CornerSunshine
HKLM\Software\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E =>Adware.CornerSunshine
HKLM\SOFTWARE\Wow6432Node\Amucultzuvory
HKLM\SOFTWARE\Wow6432Node\Anentgrujasy
HKLM\SOFTWARE\Wow6432Node\Ckuele
HKLM\SOFTWARE\Wow6432Node\Drerzesh
HKLM\SOFTWARE\Wow6432Node\Grektionberkash
HKLM\SOFTWARE\Wow6432Node\Javuty
HKLM\SOFTWARE\Wow6432Node\jhtrsq
HKLM\SOFTWARE\Wow6432Node\pnqous
HKLM\SOFTWARE\Wow6432Node\Qaqiclomotion
HKLM\SOFTWARE\Wow6432Node\xvb`lj
O43 - CFD: 22/11/2016 - [] D -- C:\Program Files (x86)\5qqxdf55
O43 - CFD: 22/11/2016 - [] D -- C:\Program Files (x86)\f0p8nksg
O43 - CFD: 22/11/2016 - [] D -- C:\Program Files (x86)\hy45dbre
O43 - CFD: 22/11/2016 - [] D -- C:\Program Files (x86)\rt2cswbb
O43 - CFD: 22/11/2016 - [] D -- C:\Program Files (x86)\taxs57v9
O43 - CFD: 11/11/2016 - [] D -- C:\Users\Charles\AppData\Roaming\.azlauncher
O43 - CFD: 15/10/2016 - [] D -- C:\Users\Charles\AppData\Roaming\.skillpvp
O43 - CFD: 23/11/2016 - [] D -- C:\Users\Charles\AppData\Roaming\eibeh
O43 - CFD: 09/11/2016 - [0] D -- C:\Users\Charles\AppData\Roaming\Lerlule
O43 - CFD: 22/11/2016 - [] D -- C:\Users\Charles\AppData\Roaming\Shvaied
O43 - CFD: 22/11/2016 - [] D -- C:\Users\Charles\AppData\Local\Ghaesplpge


Lignes superflues ou inutiles :
O23 - Service: ed2k idle service (ed2kidle) . (...) - C:\Program Files (x86)\amuleC1\ed2k.exe (.not file.) =>.Superfluous.aMULEcustom
[MD5.00000000000000000000000000000000] [APT] [99d0354b3f712d5f143f6ff793030b9b] (...) -- C:\Program Files (x86)\REAPER\j7ve51.dll (.not file.) [324224] (.Activate.) => Fichier absent
[MD5.5BCE955CF12AF3417F055DADC0212920] [APT] [ChelfNotify Task] (.Tencent.) -- C:\ProgramData\ChelfNotify\BrowserUpdate.exe [324224] (.Activate.) =>.Superfluous.Tencent
O39 - APT: 99d0354b3f712d5f143f6ff793030b9b - (...) -- C:\WINDOWS\System32\Tasks\99d0354b3f712d5f143f6ff793030b9b [324224] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: AdobeAAMUpdater-1.0-LAPTOP-ME73S73J-Charles - (...) -- C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-LAPTOP-ME73S73J-Charles [324224] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: ChelfNotify Task - (.Tencent.) -- C:\WINDOWS\System32\Tasks\ChelfNotify Task [324224] =>.Superfluous.Tencent
O39 - APT: DropboxOEM - (...) -- C:\WINDOWS\System32\Tasks\DropboxOEM [324224] (.Orphan.) =>.Superfluous.Orphan
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Charles\AppData\Roaming\cacaoweb\cacaoweb.exe =>.Superfluous.CacaoWeb
O4 - HKUS\S-1-5-21-2936052908-977173909-916088527-1001\..\Run: [cacaoweb] . (...) -- C:\Users\Charles\AppData\Roaming\cacaoweb\cacaoweb.exe =>.Superfluous.CacaoWeb
[MD5.E22A640E183C0779C5AEFC4BB2A708E2] - (...) -- C:\Users\Charles\AppData\Roaming\cacaoweb\cacaoweb.exe [563896] [PID.1792] =>.Superfluous.CacaoWeb
HKCU\SOFTWARE\cacaoweb =>.Superfluous.CacaoWeb
HKCU\SOFTWARE\AppDataLow\Software\AppTrailers =>.Superfluous.AppTrailers
O43 - CFD: 22/11/2016 - [0] D -- C:\Program Files (x86)\Mirillis =>.Superfluous.Empty
O43 - CFD: 22/11/2016 - [] D -- C:\ProgramData\ChelfNotify =>.Superfluous.Tencent
O43 - CFD: 24/11/2016 - [] D -- C:\Users\Charles\AppData\Roaming\cacaoweb =>.Superfluous.CacaoWeb
O43 - CFD: 09/11/2016 - [] D -- C:\Users\Charles\AppData\Local\AppTrailers =>.Superfluous.AppTrailers
O45 - LFCP:[MD5.5307E081C49B578D0D839F1C4E02DBB7] 16/11/2016 A -- C:\WINDOWS\Prefetch\CACAOWEB.EXE-2A4FEB97.pf =>.Superfluous.CacaoWeb
O45 - LFCP:[MD5.AD25114619EBC6111195B0554434A074] 24/11/2016 A -- C:\WINDOWS\Prefetch\CACAOWEB.EXE-4F0804EE.pf =>.Superfluous.CacaoWeb
O45 - LFCP:[MD5.122829C078C4F51E450C171B8FD7FAC3] 11/11/2016 A -- C:\WINDOWS\Prefetch\CACAOWEB.EXE-B113D06C.pf =>.Superfluous.CacaoWeb
O46 - SEH:ShellExecuteHooks - (no name) - [HKLM] [64Bits] - {1F71A654-9E97-11E6-AA4B-64006A5CFC23} . (...) -- (.not file.) => Fichier absent
O46 - SEH:ShellExecuteHooks - (no name) - [HKLM] [64Bits] - {FFC5BCD0-A5C1-11E6-B87D-64006A5CFC23} . (...) -- (.not file.) => Fichier absent
O61 - LFC: 2016/11/24 22:19:48 A . (..) -- C:\Users\Charles\Desktop\cacaoweb.exe [563896] =>.Superfluous.CacaoWeb
O61 - LFC: 2016/11/11 21:21:38 A . (..) -- C:\Users\Charles\AppData\Roaming\cacaoweb\cacaoweb.exe [563896] =>.Superfluous.CacaoWeb
O61 - LFC: 2016/11/09 19:12:43 A . (.Optimal Software s.r.o..) -- C:\Users\Charles\AppData\Local\Temp\351474718\ic-0.18398d03e279c4.exe [5113120] =>.Superfluous.OptimalSoftware
O61 - LFC: 2016/11/09 19:12:39 A . (.WebDiscover Media.) -- C:\Users\Charles\AppData\Local\Temp\351474718\ic-0.31c727f76854d.exe [43251976] =>.Superfluous.WebDiscoverMedia
O87 - FAEL: "{E3FBDDDE-FF7E-4CB2-9987-F4D86DF62469}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (.not file.) => Fichier absent
O87 - FAEL: "{B663CC4F-5055-404D-84F7-8442BD04790C}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (.not file.) => Fichier absent
O87 - FAEL: "{37AD055D-9AF4-44A4-8DF0-899D83ECBF50}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (.not file.) => Fichier absent
O87 - FAEL: "{E1FACBE2-FF1A-464F-8966-35675C2A83B8}" [Out-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (.not file.) => Fichier absent
HKLM\SYSTEM\CurrentControlSet\Services\ed2kidle =>.Superfluous.aMULEcustom
HKCU\SOFTWARE\cacaoweb =>.Superfluous.CacaoWeb
HKCU\SOFTWARE\AppDataLow\Software\AppTrailers =>.Superfluous.AppTrailers
C:\Program Files (x86)\Mirillis =>.Superfluous.Empty
C:\ProgramData\ChelfNotify =>.Superfluous.Tencent
C:\Users\Charles\AppData\Roaming\cacaoweb =>.Superfluous.CacaoWeb
C:\Users\Charles\AppData\Local\AppTrailers =>.Superfluous.AppTrailers
C:\WINDOWS\Prefetch\CACAOWEB.EXE-2A4FEB97.pf =>.Superfluous.CacaoWeb
C:\WINDOWS\Prefetch\CACAOWEB.EXE-4F0804EE.pf =>.Superfluous.CacaoWeb
C:\WINDOWS\Prefetch\CACAOWEB.EXE-B113D06C.pf =>.Superfluous.CacaoWeb

Lignes d'optimisation du démarrage :



EmptyClsid
Proxyfix
FirewallRaz
ShortcutFix
emptytemp
emptyflash


Publicité


Signaler le contenu de ce document

Publicité