Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
G2 - GCE: Preference [User Data\Default] [aaaaihhnfnbnpbhpagnmoplpcjbediml] Music Toolbar v.35.9, (D�sactiv�) =>Adware.Bandoo
G2 - GCE: Preference [User Data\Default] [lbgfiglojokgabdbhegbpjgojgppppgf] Free Games 111 v.3.0.0.0 (D�sactiv�) =>Adware.ScriptHost
G2 - GCE: Preference [User Data\Default] [lgpgadkkcfgdlnbhohacfaoijbbcbbjj] ExstRaSSaavInggs v.4.2 (Activ�) =>PUP.ExtraSavings
G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [Music Toolbar] =>Adware.Bandoo
G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpgadkkcfgdlnbhohacfaoijbbcbbjj [ExstRaSSaavInggs] =>PUP.ExtraSavings
R3 - URLSearchHook: SiteFinder [64Bits] - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} . (...) (No version) -- C:\Program Files (x86)\SiteFinder\SiteFinder.dll =>Adware.ShoppingReport
[MD5.00000000000000000000000000000000] [APT] [{9785FF2A-8AED-4B87-95BA-8AE86B97E68A}] (...) -- C:\Program Files (x86)\Minilyrics\MLSetup.exe (.not file.) [0] =>Adware.AddLyrics
[MD5.00000000000000000000000000000000] [APT] [{F1718888-704F-4B54-98DA-67AE0C5A7348}] (...) -- C:\Users\sv\Documents\setup\Minilyrics\MLSetup.exe (.not file.) [0] =>Adware.AddLyrics
O39 - APT: - (..) -- C:\Windows\Tasks\BXGPMZQGNH.job [312] =>Hijacker.iHaveNet
O41 - Driver: ({19854aff-7c07-4859-9831-cd028ac55dd0}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys =>PUP.LinkiDoo
O42 - Logiciel: PacFunction - (.PacFunction.) [HKLM][64Bits] -- PacFunction =>PUP.PacFunction
[HKCU\Software\AppDataLow\Software\FTdownloader V9.0] =>Adware.Downware
[HKCU\Software\AppDataLow\Software\Torntv V9.0] =>Hijacker.TornTV
[HKCU\Software\MiniLyrics] =>Adware.AddLyrics
[HKCU\Software\PacFunction] =>PUP.PacFunction
[HKCU\Software\PopCap]
[HKCU\Software\UpToDown] =>PUP.UpToDown
[HKLM\Software\Wow6432Node\PacFunction] =>PUP.PacFunction
[HKLM\Software\Wow6432Node\PopCap]
[HKLM\Software\Wow6432Node\SiteFinder] =>Adware.ShoppingReport
[HKLM\Software\Wow6432Node\WS-Enabler] =>PUP.WowSearch
O43 - CFD: 13/02/2014 - 21:21:17 - [0] ----D C:\Program Files (x86)\PopCap Games
O43 - CFD: 22/05/2014 - 23:11:20 - [] ----D C:\Program Files (x86)\SiteFinder =>Adware.ShoppingReport
O43 - CFD: 28/04/2014 - 10:10:31 - [0] ----D C:\Program Files (x86)\WS-Enabler =>PUP.WowSearch
O43 - CFD: 21/03/2014 - 08:43:27 - [] ----D C:\ProgramData\ExstRaSSaavInggs =>PUP.ExtraSavings
O43 - CFD: 21/05/2014 - 15:05:58 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 13/02/2014 - 20:10:12 - [] ----D C:\ProgramData\PopCap Games
O43 - CFD: 08/04/2014 - 15:01:31 - [] ----D C:\Users\sv\AppData\Local\BearShare =>PUP.BearShare
O43 - CFD: 13/01/2014 - 09:41:48 - [] ----D C:\Users\sv\AppData\Local\imeshmusicboxtoolbar181 =>PUP.iMesh
O45 - LFCP:[MD5.9AFB4F1FA7074E9381CE41299FEC65D9] - 23/05/2014 - 12:05:54 ---A- - C:\Windows\Prefetch\PACFUNCTION.BROWSERADAPTER.EX-2183B385.pf =>PUP.PacFunction
O45 - LFCP:[MD5.5F7D97EF0719397D23C4F9D36A7ECA17] - 23/05/2014 - 08:35:18 ---A- - C:\Windows\Prefetch\PACFUNCTION.PURBROWSE64.EXE-70D2A6FB.pf =>PUP.PacFunction
O45 - LFCP:[MD5.EBD898CE479AB2D9601959E6C2B399A7] - 22/05/2014 - 08:34:38 ---A- - C:\Windows\Prefetch\UPDATEPACFUNCTION.EXE-679EEFBC.pf =>PUP.PacFunction
O45 - LFCP:[MD5.86E28B56C1318F5FF047896BD5759465] - 23/05/2014 - 08:04:22 ---A- - C:\Windows\Prefetch\UTILPACFUNCTION.EXE-6E7E7FC4.pf =>PUP.PacFunction
O53 - SMSR:HKLM\...\startupreg\DATAMNGR [Key] . (...) -- C:\Program Files (x86)\SEARCH~1\Datamngr\DATAMN~2.exe (.not file.) =>PUP.Datamngr
O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O58 - SDL:24/04/2014 - 11:33:14 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys [61120] =>PUP.LinkiDoo
O61 - LFC: 19/05/2014 - 16:00:18 ---A- . (.SoftCity.) -- C:\Users\sv\Downloads\PCSpeedMaximizer.exe [2857072] =>Rogue.PCSpeedMaximizer
O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys ({19854aff-7c07-4859-9831-cd028ac55dd0}Gw64) .(.StdLib - StdLib.) - LEGACY_{19854AFF-7C07-4859-9831-CD028AC55DD0}GW64 =>PUP.LinkiDoo
O69 - SBI: SearchScopes [HKCU] {094AE69A-F1F6-4807-964F-752BEE9B0F49} - (Search the web (Softonic)) - http://search.softonic.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {7F4EFF06-7032-458e-AE16-1C1D8255C28A} [DefaultScope] - (Speedbit Search) - http://go.speedbit.com
[MD5.CAC59EB85CD9EF691F2AD462AAD17FFF] [WIS][24/02/2014] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\6068d.msi [813568] =>Adware.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r207-n-bc_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r207-n-bc_RASMANCS =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r706-n-bi_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r706-n-bi_RASMANCS =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASAPI32 =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASMANCS =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshSetup-r393-n-bc_RASAPI32 =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshSetup-r393-n-bc_RASMANCS =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PacFunction_RASAPI32 =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PacFunction_RASMANCS =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASAPI32 =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASMANCS =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_iMesh_RASAPI32 =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_iMesh_RASMANCS =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatePacFunction_RASAPI32 =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatePacFunction_RASMANCS =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilPacFunction_RASAPI32 =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilPacFunction_RASMANCS =>PUP.PacFunction
[HKLM\Software\Google\Chrome\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml] =>Adware.Bandoo^
[HKLM\Software\Google\Chrome\Extensions\lbgfiglojokgabdbhegbpjgojgppppgf] =>Adware.ScriptHost^
[HKLM\Software\Google\Chrome\Extensions\lgpgadkkcfgdlnbhohacfaoijbbcbbjj] =>PUP.ExtraSavings^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PacFunction] =>PUP.PacFunction^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR] =>PUP.Datamngr^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon] =>PUP.Mobogenie^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Associations]:bak_Application =>Hijacker.Agent
[HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]:{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} =>Adware.ShoppingReport^
C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml =>Adware.Bandoo^
C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbgfiglojokgabdbhegbpjgojgppppgf =>Adware.ScriptHost^
C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpgadkkcfgdlnbhohacfaoijbbcbbjj =>PUP.ExtraSavings^
C:\Program Files (x86)\SiteFinder =>Adware.ShoppingReport^
C:\Program Files (x86)\WS-Enabler =>PUP.WowSearch^
C:\ProgramData\ExstRaSSaavInggs =>PUP.ExtraSavings^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\sv\AppData\Local\BearShare =>PUP.BearShare^
C:\Users\sv\AppData\Local\imeshmusicboxtoolbar181 =>PUP.iMesh^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Windows\Tasks\BXGPMZQGNH.job =>Hijacker.iHaveNet^
[HKCU\Software\AppDataLow\Software\FTdownloader V9.0] =>Adware.Downware^
[HKCU\Software\AppDataLow\Software\Torntv V9.0] =>Hijacker.TornTV^
[HKCU\Software\MiniLyrics] =>Adware.AddLyrics^
[HKCU\Software\PacFunction] =>PUP.PacFunction^
[HKCU\Software\UpToDown] =>PUP.UpToDown^
[HKLM\Software\Wow6432Node\PacFunction] =>PUP.PacFunction^
[HKLM\Software\Wow6432Node\SiteFinder] =>Adware.ShoppingReport^
[HKLM\Software\Wow6432Node\WS-Enabler] =>PUP.WowSearch^
C:\Windows\Installer\6068d.msi =>Adware.Bandoo^
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
G2 - GCE: Preference [User Data\Default] [aaaaihhnfnbnpbhpagnmoplpcjbediml] Music Toolbar v.35.9, (D�sactiv�) =>Adware.Bandoo
G2 - GCE: Preference [User Data\Default] [lbgfiglojokgabdbhegbpjgojgppppgf] Free Games 111 v.3.0.0.0 (D�sactiv�) =>Adware.ScriptHost
G2 - GCE: Preference [User Data\Default] [lgpgadkkcfgdlnbhohacfaoijbbcbbjj] ExstRaSSaavInggs v.4.2 (Activ�) =>PUP.ExtraSavings
G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [Music Toolbar] =>Adware.Bandoo
G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpgadkkcfgdlnbhohacfaoijbbcbbjj [ExstRaSSaavInggs] =>PUP.ExtraSavings
R3 - URLSearchHook: SiteFinder [64Bits] - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} . (...) (No version) -- C:\Program Files (x86)\SiteFinder\SiteFinder.dll =>Adware.ShoppingReport
[MD5.00000000000000000000000000000000] [APT] [{9785FF2A-8AED-4B87-95BA-8AE86B97E68A}] (...) -- C:\Program Files (x86)\Minilyrics\MLSetup.exe (.not file.) [0] =>Adware.AddLyrics
[MD5.00000000000000000000000000000000] [APT] [{F1718888-704F-4B54-98DA-67AE0C5A7348}] (...) -- C:\Users\sv\Documents\setup\Minilyrics\MLSetup.exe (.not file.) [0] =>Adware.AddLyrics
O39 - APT: - (..) -- C:\Windows\Tasks\BXGPMZQGNH.job [312] =>Hijacker.iHaveNet
O41 - Driver: ({19854aff-7c07-4859-9831-cd028ac55dd0}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys =>PUP.LinkiDoo
O42 - Logiciel: PacFunction - (.PacFunction.) [HKLM][64Bits] -- PacFunction =>PUP.PacFunction
[HKCU\Software\AppDataLow\Software\FTdownloader V9.0] =>Adware.Downware
[HKCU\Software\AppDataLow\Software\Torntv V9.0] =>Hijacker.TornTV
[HKCU\Software\MiniLyrics] =>Adware.AddLyrics
[HKCU\Software\PacFunction] =>PUP.PacFunction
[HKCU\Software\PopCap]
[HKCU\Software\UpToDown] =>PUP.UpToDown
[HKLM\Software\Wow6432Node\PacFunction] =>PUP.PacFunction
[HKLM\Software\Wow6432Node\PopCap]
[HKLM\Software\Wow6432Node\SiteFinder] =>Adware.ShoppingReport
[HKLM\Software\Wow6432Node\WS-Enabler] =>PUP.WowSearch
O43 - CFD: 13/02/2014 - 21:21:17 - [0] ----D C:\Program Files (x86)\PopCap Games
O43 - CFD: 22/05/2014 - 23:11:20 - [] ----D C:\Program Files (x86)\SiteFinder =>Adware.ShoppingReport
O43 - CFD: 28/04/2014 - 10:10:31 - [0] ----D C:\Program Files (x86)\WS-Enabler =>PUP.WowSearch
O43 - CFD: 21/03/2014 - 08:43:27 - [] ----D C:\ProgramData\ExstRaSSaavInggs =>PUP.ExtraSavings
O43 - CFD: 21/05/2014 - 15:05:58 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 13/02/2014 - 20:10:12 - [] ----D C:\ProgramData\PopCap Games
O43 - CFD: 08/04/2014 - 15:01:31 - [] ----D C:\Users\sv\AppData\Local\BearShare =>PUP.BearShare
O43 - CFD: 13/01/2014 - 09:41:48 - [] ----D C:\Users\sv\AppData\Local\imeshmusicboxtoolbar181 =>PUP.iMesh
O45 - LFCP:[MD5.9AFB4F1FA7074E9381CE41299FEC65D9] - 23/05/2014 - 12:05:54 ---A- - C:\Windows\Prefetch\PACFUNCTION.BROWSERADAPTER.EX-2183B385.pf =>PUP.PacFunction
O45 - LFCP:[MD5.5F7D97EF0719397D23C4F9D36A7ECA17] - 23/05/2014 - 08:35:18 ---A- - C:\Windows\Prefetch\PACFUNCTION.PURBROWSE64.EXE-70D2A6FB.pf =>PUP.PacFunction
O45 - LFCP:[MD5.EBD898CE479AB2D9601959E6C2B399A7] - 22/05/2014 - 08:34:38 ---A- - C:\Windows\Prefetch\UPDATEPACFUNCTION.EXE-679EEFBC.pf =>PUP.PacFunction
O45 - LFCP:[MD5.86E28B56C1318F5FF047896BD5759465] - 23/05/2014 - 08:04:22 ---A- - C:\Windows\Prefetch\UTILPACFUNCTION.EXE-6E7E7FC4.pf =>PUP.PacFunction
O53 - SMSR:HKLM\...\startupreg\DATAMNGR [Key] . (...) -- C:\Program Files (x86)\SEARCH~1\Datamngr\DATAMN~2.exe (.not file.) =>PUP.Datamngr
O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O58 - SDL:24/04/2014 - 11:33:14 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys [61120] =>PUP.LinkiDoo
O61 - LFC: 19/05/2014 - 16:00:18 ---A- . (.SoftCity.) -- C:\Users\sv\Downloads\PCSpeedMaximizer.exe [2857072] =>Rogue.PCSpeedMaximizer
O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys ({19854aff-7c07-4859-9831-cd028ac55dd0}Gw64) .(.StdLib - StdLib.) - LEGACY_{19854AFF-7C07-4859-9831-CD028AC55DD0}GW64 =>PUP.LinkiDoo
O69 - SBI: SearchScopes [HKCU] {094AE69A-F1F6-4807-964F-752BEE9B0F49} - (Search the web (Softonic)) - http://search.softonic.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {7F4EFF06-7032-458e-AE16-1C1D8255C28A} [DefaultScope] - (Speedbit Search) - http://go.speedbit.com
[MD5.CAC59EB85CD9EF691F2AD462AAD17FFF] [WIS][24/02/2014] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\6068d.msi [813568] =>Adware.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r207-n-bc_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r207-n-bc_RASMANCS =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r706-n-bi_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r706-n-bi_RASMANCS =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASAPI32 =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASMANCS =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshSetup-r393-n-bc_RASAPI32 =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshSetup-r393-n-bc_RASMANCS =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PacFunction_RASAPI32 =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PacFunction_RASMANCS =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASAPI32 =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASMANCS =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_iMesh_RASAPI32 =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_iMesh_RASMANCS =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatePacFunction_RASAPI32 =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatePacFunction_RASMANCS =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilPacFunction_RASAPI32 =>PUP.PacFunction
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilPacFunction_RASMANCS =>PUP.PacFunction
[HKLM\Software\Google\Chrome\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml] =>Adware.Bandoo^
[HKLM\Software\Google\Chrome\Extensions\lbgfiglojokgabdbhegbpjgojgppppgf] =>Adware.ScriptHost^
[HKLM\Software\Google\Chrome\Extensions\lgpgadkkcfgdlnbhohacfaoijbbcbbjj] =>PUP.ExtraSavings^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PacFunction] =>PUP.PacFunction^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR] =>PUP.Datamngr^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon] =>PUP.Mobogenie^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Associations]:bak_Application =>Hijacker.Agent
[HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]:{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} =>Adware.ShoppingReport^
C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml =>Adware.Bandoo^
C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbgfiglojokgabdbhegbpjgojgppppgf =>Adware.ScriptHost^
C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpgadkkcfgdlnbhohacfaoijbbcbbjj =>PUP.ExtraSavings^
C:\Program Files (x86)\SiteFinder =>Adware.ShoppingReport^
C:\Program Files (x86)\WS-Enabler =>PUP.WowSearch^
C:\ProgramData\ExstRaSSaavInggs =>PUP.ExtraSavings^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\sv\AppData\Local\BearShare =>PUP.BearShare^
C:\Users\sv\AppData\Local\imeshmusicboxtoolbar181 =>PUP.iMesh^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Windows\Tasks\BXGPMZQGNH.job =>Hijacker.iHaveNet^
[HKCU\Software\AppDataLow\Software\FTdownloader V9.0] =>Adware.Downware^
[HKCU\Software\AppDataLow\Software\Torntv V9.0] =>Hijacker.TornTV^
[HKCU\Software\MiniLyrics] =>Adware.AddLyrics^
[HKCU\Software\PacFunction] =>PUP.PacFunction^
[HKCU\Software\UpToDown] =>PUP.UpToDown^
[HKLM\Software\Wow6432Node\PacFunction] =>PUP.PacFunction^
[HKLM\Software\Wow6432Node\SiteFinder] =>Adware.ShoppingReport^
[HKLM\Software\Wow6432Node\WS-Enabler] =>PUP.WowSearch^
C:\Windows\Installer\6068d.msi =>Adware.Bandoo^
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore