Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
M3 - MFPP: Plugins - [jocelyn] -- C:\Users\jocelyn\AppData\Roaming\Mozilla\Firefox\Profiles\o0f65zey.default\searchplugins\Speedial.xml =>Adware.Adware.SearchYa
M0 - MFSP: prefs.js [jocelyn - o0f65zey.default] http://speedial.com =>Adware.Adware.SearchYa
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.Adware.SearchYa
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.Adware.SearchYa
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://speedial.com =>Adware.Adware.SearchYa
[MD5.7F57B243ED1D2E8C29905FA3092E2E93] [APT] [Speedial] (...) -- C:\Users\jocelyn\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe [99840] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\Tasks\Speedial.job [300] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\System32\Tasks\Speedial [300] =>Adware.Adware.SearchYa
O41 - Driver: ({8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys =>PUP.LinkiDoo
O42 - Logiciel: Speedial - (.Speedial.) [HKLM][64Bits] -- Speedial =>Adware.Adware.SearchYa
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\speedial] =>Adware.Adware.SearchYa
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
O43 - CFD: 28/05/2014 - 19:31:21 - [] ----D C:\Program Files (x86)\Speedial =>Adware.Adware.SearchYa
O43 - CFD: 26/05/2014 - 10:37:59 - [] ----D C:\ProgramData\Partner
O43 - CFD: 28/05/2014 - 19:31:34 - [] ----D C:\Users\jocelyn\AppData\Roaming\Speedial =>Adware.Adware.SearchYa
O44 - LFC:[MD5.FF39BAD372473F8CB9B755B2B877CA0D] - 22/05/2014 - 17:24:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys [61120] =>PUP.LinkiDoo
O58 - SDL:22/05/2014 - 17:24:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys [61120] =>PUP.LinkiDoo
O64 - Services: CurCS - 22/05/2014 - C:\Windows\System32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys ({8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64) .(.StdLib - StdLib.) - LEGACY_{8CE1C375-1E13-43F7-A4FD-6530F47C4FDE}GW64 =>PUP.LinkiDoo
O69 - SBI: SearchScopes [HKCU] {31090377-0740-419E-BEFC-A56E50500D5B} - (Speedial) - http://speedial.com =>Adware.Adware.SearchYa
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeeDial_RASAPI32 =>Adware.Adware.SearchYa
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeeDial_RASMANCS =>Adware.Adware.SearchYa
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speedial] =>Adware.Adware.SearchYa^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
C:\Program Files (x86)\Speedial =>Adware.Adware.SearchYa^
C:\Users\jocelyn\AppData\Roaming\Speedial =>Adware.Adware.SearchYa^
C:\ProgramData\Partner =>Spyware.Partner
C:\Users\jocelyn\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe =>Adware.Adware.SearchYa^
C:\Windows\Tasks\Speedial.job =>Adware.Adware.SearchYa^
C:\Windows\System32\Tasks\Speedial =>Adware.Adware.SearchYa^
[HKCU\Software\speedial] =>Adware.Adware.SearchYa^
O43 - CFD: 24/05/2014 - 21:01:08 - [] ----D C:\Program Files (x86)\GUMF621.tmp
O44 - LFC:[MD5.DA92DEAFC0A4DE3A9A454EAD81DE810D] - 24/05/2014 - 18:43:11 ---A- . (...) -- C:\RHDSetup.log [1515]
O44 - LFC:[MD5.85D6E8F735865B502D65D1D91A79E3F3] - 28/05/2014 - 12:53:06 ---A- . (.Microsoft Corporation - Choix de navigateur .) -- C:\Windows\System32\browserchoice.exe [294912]
[MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe [36136]
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Cl� orpheline
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_8CA8B41417E66DEB_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_8CA8B41417E66DEB_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarUser_32_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarUser_32_RASMANCS =>Toolbar.Google
SR - | Auto 21/05/2014 350496 | (Update Rock Turner) . (...) - C:\Program Files (x86)\Rock Turner\updateRockTurner.exe
SR - | Auto 28/05/2014 350496 | (Util Rock Turner) . (...) - C:\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore
M3 - MFPP: Plugins - [jocelyn] -- C:\Users\jocelyn\AppData\Roaming\Mozilla\Firefox\Profiles\o0f65zey.default\searchplugins\Speedial.xml =>Adware.Adware.SearchYa
M0 - MFSP: prefs.js [jocelyn - o0f65zey.default] http://speedial.com =>Adware.Adware.SearchYa
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.Adware.SearchYa
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.Adware.SearchYa
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://speedial.com =>Adware.Adware.SearchYa
[MD5.7F57B243ED1D2E8C29905FA3092E2E93] [APT] [Speedial] (...) -- C:\Users\jocelyn\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe [99840] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\Tasks\Speedial.job [300] =>Adware.Adware.SearchYa
O39 - APT: Speedial - (...) -- C:\Windows\System32\Tasks\Speedial [300] =>Adware.Adware.SearchYa
O41 - Driver: ({8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys =>PUP.LinkiDoo
O42 - Logiciel: Speedial - (.Speedial.) [HKLM][64Bits] -- Speedial =>Adware.Adware.SearchYa
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\speedial] =>Adware.Adware.SearchYa
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
O43 - CFD: 28/05/2014 - 19:31:21 - [] ----D C:\Program Files (x86)\Speedial =>Adware.Adware.SearchYa
O43 - CFD: 26/05/2014 - 10:37:59 - [] ----D C:\ProgramData\Partner
O43 - CFD: 28/05/2014 - 19:31:34 - [] ----D C:\Users\jocelyn\AppData\Roaming\Speedial =>Adware.Adware.SearchYa
O44 - LFC:[MD5.FF39BAD372473F8CB9B755B2B877CA0D] - 22/05/2014 - 17:24:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys [61120] =>PUP.LinkiDoo
O58 - SDL:22/05/2014 - 17:24:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys [61120] =>PUP.LinkiDoo
O64 - Services: CurCS - 22/05/2014 - C:\Windows\System32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys ({8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64) .(.StdLib - StdLib.) - LEGACY_{8CE1C375-1E13-43F7-A4FD-6530F47C4FDE}GW64 =>PUP.LinkiDoo
O69 - SBI: SearchScopes [HKCU] {31090377-0740-419E-BEFC-A56E50500D5B} - (Speedial) - http://speedial.com =>Adware.Adware.SearchYa
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeeDial_RASAPI32 =>Adware.Adware.SearchYa
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeeDial_RASMANCS =>Adware.Adware.SearchYa
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speedial] =>Adware.Adware.SearchYa^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
C:\Program Files (x86)\Speedial =>Adware.Adware.SearchYa^
C:\Users\jocelyn\AppData\Roaming\Speedial =>Adware.Adware.SearchYa^
C:\ProgramData\Partner =>Spyware.Partner
C:\Users\jocelyn\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.exe =>Adware.Adware.SearchYa^
C:\Windows\Tasks\Speedial.job =>Adware.Adware.SearchYa^
C:\Windows\System32\Tasks\Speedial =>Adware.Adware.SearchYa^
[HKCU\Software\speedial] =>Adware.Adware.SearchYa^
O43 - CFD: 24/05/2014 - 21:01:08 - [] ----D C:\Program Files (x86)\GUMF621.tmp
O44 - LFC:[MD5.DA92DEAFC0A4DE3A9A454EAD81DE810D] - 24/05/2014 - 18:43:11 ---A- . (...) -- C:\RHDSetup.log [1515]
O44 - LFC:[MD5.85D6E8F735865B502D65D1D91A79E3F3] - 28/05/2014 - 12:53:06 ---A- . (.Microsoft Corporation - Choix de navigateur .) -- C:\Windows\System32\browserchoice.exe [294912]
[MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe [36136]
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Cl� orpheline
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_8CA8B41417E66DEB_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_8CA8B41417E66DEB_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarUser_32_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarUser_32_RASMANCS =>Toolbar.Google
SR - | Auto 21/05/2014 350496 | (Update Rock Turner) . (...) - C:\Program Files (x86)\Rock Turner\updateRockTurner.exe
SR - | Auto 28/05/2014 350496 | (Util Rock Turner) . (...) - C:\Program Files (x86)\Rock Turner\bin\utilRockTurner.exe
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore