cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
SysRestore
O23 - Service: Cicsa (Cicsa) . (...) - C:\Users\Primael\AppData\Roaming\Laddalue\Laddalue.exe =>PUP.Optional.CrossRider
O23 - Service: Fueuccin (Fueuccin) . (...) - C:\Users\Primael\AppData\Roaming\Tazjun\Tazjun.exe
O23 - Service: Conexant SmartAudio service (SAService) . (...) - C:\WINDOWS\system32\SAsrv.exe (.not file.)
O23 - Service: Sefhiwhh (Sefhiwhh) . (...) - C:\Users\Primael\AppData\Roaming\AsocmDeodyso\Kuvbav.exe (.not file.)
O23 - Service: Thevsh Host (Thevshhostsrv) . (...) - C:\Program Files (x86)\Thevsh\Thevshhostsrv.exe (.not file.)
O23 - Service: Wadush (Wadush) . (...) - C:\Users\Primael\AppData\Roaming\JejwikOkeippe\Laurea.exe
[MD5.AAECE05CCABCE56362BACED098FD3D69] [APT] [tasklist] (...) -- c:\programdata\setup_qg00.exe [1920512] (.Activate.)
[MD5.37394068E89CDB32D7F8AF36CB50386C] [APT] [{11701A59-8724-7EC8-0139-2760B8CFCD54}] (...) -- C:\Users\Primael\AppData\Local\{2707115B-03AF-7DE3-6E37-580B4A5FA493}\uninstall.exe [393728] (.Activate.)
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (Orphean) =>PUP.Optional.ShopperPro
O4 - HKCU\..\Run: [fastweb] . (...) -- C:\Program Files (x86)\FastWeb\fastweb.exe
O4 - HKCU\..\Run: [QGuan00] . (...) -- c:\programdata\setup_qg00.exe
O4 - HKUS\S-1-5-21-800940424-3997634671-1375518831-1001\..\Run: [fastweb] . (...) -- C:\Program Files (x86)\FastWeb\fastweb.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Primael\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\Users\Primael\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 (.not file.)
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Primael\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\Users\Primael\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64 (.not file.)
O4 - HKUS\S-1-5-21-800940424-3997634671-1375518831-1001\..\Run: [QGuan00] . (...) -- c:\programdata\setup_qg00.exe
O4 - HKUS\S-1-5-21-800940424-3997634671-1375518831-1001\..\RunOnce: [Uninstall C:\Users\Primael\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\Users\Primael\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 (.not file.)
O4 - HKUS\S-1-5-21-800940424-3997634671-1375518831-1001\..\RunOnce: [Uninstall C:\Users\Primael\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\Users\Primael\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64 (.not file.)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05fb22d9-1201-11e6-916a-806e6f6e6963}: NameServer = 104.197.191.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{06ee5348-759f-40b5-a70d-fc5298c513a7}: NameServer = 104.197.191.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{1705bd40-a822-41f6-a336-91bf5f52a315}: NameServer = 104.197.191.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{8718928d-cbeb-45ea-a621-800a9249001d}: NameServer = 104.197.191.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{9f8dc881-1747-4973-ba98-0cac1eb8d684}: NameServer = 104.197.191.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{b211fbd8-99ba-4d9b-9730-17b7d505cbc3}: NameServer = 104.197.191.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{c58209a6-d207-11e5-9166-806e6f6e6963}: NameServer = 104.197.191.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{e51f3e29-023d-4387-85fc-4a8fe86c57d9}: NameServer = 104.197.191.4
HKCU\SOFTWARE\QGuan00
HKCU\SOFTWARE\UpgSvr
O43 - CFD: 25/05/2016 - [] D -- C:\Program Files (x86)\FastWeb
C:\Program Files\Radnoc
O43 - CFD: 25/05/2016 - [] D -- C:\Users\Primael\AppData\Roaming\FjbMv
O43 - CFD: 25/05/2016 - [] D -- C:\Users\Primael\AppData\Roaming\JejwikOkeippe
O43 - CFD: 25/05/2016 - [] D -- C:\Users\Primael\AppData\Roaming\Laddalue
O43 - CFD: 25/05/2016 - [] D -- C:\Users\Primael\AppData\Roaming\Tazjun
O43 - CFD: 25/05/2016 - [] D -- C:\Users\Primael\AppData\Local\app
O43 - CFD: 25/05/2016 - [0] D -- C:\Users\Primael\AppData\Local\Installer
O43 - CFD: 24/05/2016 - [] D -- C:\Users\Primael\AppData\Local\{2707115B-03AF-7DE3-6E37-580B4A5FA493}
O45 - LFCP:[MD5.9A899DF7D82B06C995D5D7C8763BA497] 25/05/2016 A -- C:\WINDOWS\Prefetch\BOXORE.EXE-B5365AAB.pf =>PUP.Optional.Boxore
O45 - LFCP:[MD5.1A205D1744093794355A69999EE1029E] 25/05/2016 A -- C:\WINDOWS\Prefetch\COMBROADCASTER-RECOVER.TMP-0D175F10.pf =>PUP.Optional.EORezo
O45 - LFCP:[MD5.31893AE2FBCDA8BCC8A4D133E8A6023A] 25/05/2016 A -- C:\WINDOWS\Prefetch\TAZJUN.EXE-1105E8E1.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.9151D8C2B4A3445E9C08FCC69CBF7750] 25/05/2016 A -- C:\WINDOWS\Prefetch\ZDENGINE.EXE-023D421E.pf =>PUP.Optional.FastSearch
O61 - LFC: 2016/05/25 18:11:52 A . (..) -- C:\Users\Primael\AppData\Roaming\Tazjun\Puglogiv.dll [668672] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/25 18:11:52 A . (..) -- C:\Users\Primael\AppData\Roaming\Tazjun\Puglogiv.exe [143872] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/25 18:11:22 A . (..) -- C:\Users\Primael\AppData\Roaming\Tazjun\Tazjun.exe [170496] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/25 18:11:28 A . (..) -- C:\Users\Primael\AppData\Roaming\Tazjun\Xempaopg.dll [258560] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/25 18:11:20 A . (..) -- C:\Users\Primael\AppData\Roaming\Tazjun\Xempaopg.exe [112128] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/24 22:13:22 A . (..) -- C:\Users\Primael\AppData\Roaming\Laddalue\Aoyjuvvoe.dll [668672] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/24 22:13:20 A . (..) -- C:\Users\Primael\AppData\Roaming\Laddalue\Aoyjuvvoe.exe [143872] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/24 22:12:58 A . (..) -- C:\Users\Primael\AppData\Roaming\Laddalue\Gabed.dll [258560] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/24 22:12:50 A . (..) -- C:\Users\Primael\AppData\Roaming\Laddalue\Gabed.exe [112128] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/24 22:12:52 A . (..) -- C:\Users\Primael\AppData\Roaming\Laddalue\Laddalue.exe [170496] =>PUP.Optional.CrossRider
O61 - LFC: 2016/05/24 22:12:50 A . (..) -- C:\Users\Primael\AppData\Roaming\JejwikOkeippe\Laurea.exe
O61 - LFC: 2016/05/25 20:05:04 A . (.aze.) -- C:\Users\Primael\AppData\Local\Microsoft\Windows\INetCache\IE\71AMFTVO\combroadcaster-recover[1].exe [1749209] =>PUP.Optional.EORezo
O61 - LFC: 2016/05/25 20:04:14 A . (.Client Connect LTD.) -- C:\Users\Primael\AppData\Local\Microsoft\Windows\INetCache\IE\71AMFTVO\OrbiterInstaller[1].exe [764224] {6E08571F7C2C630E2F418F38E3B31674} =>PUP.Optional.SearchProtect
HKLM\SYSTEM\CurrentControlSet\Services\Cicsa =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Laddalue\Laddalue.exe =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\Fueuccin =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Tazjun\Tazjun.exe =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Laddalue\Gabed.exe =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Tazjun\Xempaopg.exe =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Tazjun\Puglogiv.exe =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Laddalue\Aoyjuvvoe.exe =>PUP.Optional.CrossRider
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} =>PUP.Optional.ShopperPro
C:\Users\Primael\AppData\Roaming\Laddalue =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Tazjun =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Local\app =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Local\Installer =>PUP.Optional.InstallPedia
C:\WINDOWS\Prefetch\BOXORE.EXE-B5365AAB.pf =>PUP.Optional.Boxore
C:\WINDOWS\Prefetch\COMBROADCASTER-RECOVER.TMP-0D175F10.pf =>PUP.Optional.EORezo
C:\WINDOWS\Prefetch\TAZJUN.EXE-1105E8E1.pf =>PUP.Optional.CrossRider
C:\WINDOWS\Prefetch\ZDENGINE.EXE-023D421E.pf =>PUP.Optional.FastSearch
C:\Users\Primael\AppData\Roaming\Tazjun\Puglogiv.dll =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Tazjun\Xempaopg.dll =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Laddalue\Aoyjuvvoe.dll =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Roaming\Laddalue\Gabed.dll =>PUP.Optional.CrossRider
C:\Users\Primael\AppData\Local\Microsoft\Windows\INetCache\IE\71AMFTVO\combroadcaster-recover[1].exe =>PUP.Optional.EORezo
C:\Users\Primael\AppData\Local\Microsoft\Windows\INetCache\IE\71AMFTVO\OrbiterInstaller[1].exe =>PUP.Optional.SearchProtect
C:\Users\Primael\AppData\Local\Microsoft\Windows\INetCache\IE\71AMFTVO\Setup[2].exe =>PUP.Optional.SearchProtect
C:\Users\Primael\AppData\Local\Microsoft\Windows\INetCache\IE\5J69ROBL\spacesoundpro-installer[1].exe =>.Superfluous.CSDI


Publicité


Signaler le contenu de ce document

Publicité