cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
M3 - MFPP: Plugins - [JVC] -- C:\Documents and Settings\JVC\Application Data\Mozilla\Firefox\Profiles\c0uo3rxg.default\searchplugins\BrowserProtect.xml =>Hijacker.Eazel
M3 - MFPP: Plugins - [JVC] -- C:\Documents and Settings\JVC\Application Data\Mozilla\Firefox\Profiles\c0uo3rxg.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
O1 - Hosts: 210.240.144.166 we9stun.winning-eleven.net
O1 - Hosts: 217.112.88.118 pes6gate-ec.winning-eleven.net
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoforFilesUpdate.job [282] =>P2P.GoforFiles
[MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files\GoforFiles\GFFUpdater.exe (.not file.) [0] =>P2P.GoforFiles
[HKCU\Software\596dad0b434e414] =>Hijacker.Hijacker.Eazel
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\ExpressFiles] =>Adware.ExpressFiles
[HKLM\Software\596dad0b434e414] =>Hijacker.Hijacker.Eazel
[[HKLM\Software\Babylon] =>PUP.Babylon
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Delta]
[HKLM\Software\ExpressFiles] =>Adware.ExpressFiles
HKLM\Software\Tarma Installer] =>PUP.Tarma
O43 - CFD: 13/10/2013 - 20:03:04 - [0] ----D C:\Program Files\diamondata =>Hijacker.Diamondata
O43 - CFD: 06/04/2013 - 00:28:51 - [4,594] ----D C:\Program Files\GUM61.tmp
O43 - CFD: 14/04/2013 - 23:09:48 - [0] ----D C:\Documents and Settings\All Users\Application Data\Babylon =>PUP.Babylon
O43 - CFD: 25/04/2013 - 18:54:02 - [0,005] ----D C:\Documents and Settings\All Users\Application Data\InstallMate
O43 - CFD: 18/04/2013 - 00:19:57 - [0,783] ----D C:\Documents and Settings\All Users\Application Data\Tarma Installer =>PUP.Tarma
O43 - CFD: 14/04/2013 - 23:09:47 - [0,006] ----D C:\Documents and Settings\JVC\Application Data\Babylon =>PUP.Babylon
O43 - CFD: 13/10/2013 - 20:00:41 - [0,002] ----D C:\Documents and Settings\JVC\Application Data\ExpressFiles =>Adware.ExpressFiles
O47 - AAKE:Key Export SP - "C:\Program Files\GoforFiles\goforfilesdl.exe" [Enabled] .(...) -- C:\Program Files\GoforFiles\goforfilesdl.exe (.not file.) =>P2P.GoforFiles
O47 - AAKE:Key Export SP - "C:\Program Files\GoforFiles\GoforFiles.exe" [Enabled] .(...) -- C:\Program Files\GoforFiles\GoforFiles.exe (.not file.) =>P2P.GoforFiles
O47 - AAKE:Key Export SP - "C:\Program Files\ExpressFiles\expressdl.exe" [Enabled] .(...) -- C:\Program Files\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles
O47 - AAKE:Key Export SP - "C:\Program Files\ExpressFiles\ExpressFiles.exe" [Enabled] .(...) -- C:\Program Files\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("avg.install.userHPSettings", "http://www1.delta-search.com/?affID=119292&babsrc=HP_ss&mntrId=2049001921210BC3"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("avg.install.userSPSettings", "Delta Search");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.dfltLng", "fr");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.id", "2049088e000000000000101111111111");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.instlDay", "15991");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.vrsn", "1.8.24.6");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.vrsnTs", "1.8.24.621:05:09");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta.vrsni", "1.8.24.6");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta_i.babExt", "");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta_i.babTrack", "affID=122147&tsp=5034");
O69 - SBI: prefs.js [JVC - c0uo3rxg.default] user_pref("extensions.delta_i.srcExt", "ss");
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - http://www.delta-search.com =>Toolbar.DeltaSearch
[HKCU\Software\596dad0b434e414\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel
[HKCU\Software\596dad0b434e414\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" =>Hijacker.Hijacker.Eazel
[HKCU\Software\596dad0b434e414] =>PUP.Babylon^
[HKLM\Software\596dad0b434e414]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltadskBnd] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd.1] =>PUP.Funmoods
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055AF109-DE93-4160-BCFC-7DA70ECAA020}] =>Hijacker.Diamondata
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
C:\Program Files\diamondata =>Hijacker.Diamondata^
C:\Documents and Settings\All Users\Application Data\Babylon =>PUP.Babylon^
C:\Documents and Settings\All Users\Application Data\Tarma Installer =>PUP.Tarma^
C:\Documents and Settings\JVC\Application Data\Babylon =>PUP.Babylon^
C:\Documents and Settings\JVC\Application Data\ExpressFiles =>Adware.ExpressFiles^
C:\Documents and Settings\All Users\Application Data\InstallMate =>PUP.Tarma
C:\WINDOWS\Tasks\GoforFilesUpdate.job =>P2P.GoforFiles^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\ExpressFiles] =>Adware.ExpressFiles^
[HKLM\Software\Babylon] =>PUP.Babylon^
[HKLM\Software\ExpressFiles] =>Adware.ExpressFiles^
[HKCU\Software\596dad0b434e414\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel^
[HKCU\Software\596dad0b434e414] =>PUP.Babylon^^

EmptyFlash
EmptyTemp
EmptyClsid
FirewallRaz
Proxyfix
SysRestore

Publicité


Signaler le contenu de ce document

Publicité