cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
SysRestore
ProxyFix
ShortcutFix
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://search.zonealarm.com
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D7F26D0E-9801-45C3-A091-8A65E4ED73B5} Cl� orpheline
O4 - HKLM\..\Wow6432Node\Run: [stv_fr_4] Cl� orpheline
[MD5.00000000000000000000000000000000] [APT] [3d8c097a-d75d-43d1-aa88-eb4ad99df514-1] (...) -- C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [3d8c097a-d75d-43d1-aa88-eb4ad99df514-2] (...) -- C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-2.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [3d8c097a-d75d-43d1-aa88-eb4ad99df514-3] (...) -- C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-3.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [3d8c097a-d75d-43d1-aa88-eb4ad99df514-4] (...) -- C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [3d8c097a-d75d-43d1-aa88-eb4ad99df514-5] (...) -- C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [Lancer Registry Reviver] (...) -- C:\Program Files (x86)\Reviversoft\Registry Reviver\RegistryReviver.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{55DE8DC4-882F-4D12-95FE-B4F7BAB08C59}] (...) -- J:\copie de D\Funshion.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{9E049030-A57B-415C-B230-681E257EFA94}] (...) -- C:\Users\tom and sophia\Downloads\puzzle-express_s5_l4_gF537T1L4_d1082106851.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{E1717D21-AACB-484E-91FD-FA08C68A1686}] (...) -- C:\Users\tom and sophia\Documents\T�l�chargements\FunshionInstall_C1024.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{F5B2FE64-BCC5-4161-96C8-FA82C95B8EF8}] (...) -- J:\copie de D\Funshion.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FD9D2E76-CEF4-4586-84C3-D5F7D150F0AD}] (...) -- C:\Program Files\Tencent\QQToolbar\SOSOToolbarUninst.exe (.not file.) [0]
O41 - Driver: (LongRADrv) . (. - .) - C:\Program Files (x86)\cloud\LongRADrv.sys (.not file.)
SS - | Disabled 10/07/1658 0 | (CloudServer) . (...) - C:\Program Files (x86)\cloud\CloudServer.exe
O42 - Logiciel: Shopping Helper Smartbar Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {95f167a5-0099-474f-bb32-bccca980aa7e}
O42 - Logiciel: ZoneAlarm Security Toolbar - (.Check Point Software Technologies LTD.) [HKLM][64Bits] -- ZoneAlarm Security Toolbar
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {AAF89271-2594-468D-B578-96B2E30C41C4}
[HKCU\Software\AppDataLow\Software\AddressBar]
[HKCU\Software\KuGoo6]
[HKCU\Software\Waije]
[HKCU\Software\funshionAddr]
[HKLM\Software\Wow6432Node\Funshion]
O43 - CFD: 20/03/2011 - 13:55:04 - [] ----D C:\Program Files (x86)\KuGou
O43 - CFD: 21/12/2011 - 13:52:05 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 13/08/2012 - 09:58:46 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 21/12/2011 - 13:52:04 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 28/12/2010 - 11:13:31 - [] ----D C:\Users\tom and sophia\AppData\Roaming\funshionAddr
O43 - CFD: 20/03/2011 - 14:30:21 - [] ----D C:\Users\tom and sophia\AppData\Roaming\KuGou
O43 - CFD: 17/08/2012 - 21:30:27 - [] ----D C:\Users\tom and sophia\AppData\Local\APN
O43 - CFD: 18/02/2010 - 00:16:12 - [0] ----D C:\Users\tom and sophia\AppData\Local\ppbrmo
O45 - LFCP:[MD5.FD19043C20CEAF2848C00858992F901F] - 05/05/2014 - 19:46:54 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARMANAGER_8CA8B414-316F10F7.pf =>Toolbar.Google
O45 - LFCP:[MD5.CBD5AC1E61304AA349FECA1A49ED9FCC] - 05/05/2014 - 19:46:47 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-969E73DB.pf =>Toolbar.Google
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\uusee\UUSeePlayer.exe" [Enabled] .(...) -- C:\Program Files (x86)\uusee\UUSeePlayer.exe (.not file.) => Trojan.Zpack
O53 - SMSR:HKLM\...\startupreg\Browser Infrastructure Helper [Key] . (...) -- C:\Users\tom and sophia\AppData\Local\Smartbar\Application\Smartbar.exe (.not file.) =>Hijacker.SmartBar
O53 - SMSR:HKLM\...\startupreg\DATAMNGR [Key] . (...) -- C:\Program Files (x86)\SEARCH~1\SEARCH~1\DATAMN~1.exe (.not file.) =>PUP.Datamngr
O53 - SMSR:HKLM\...\startupreg\swg [Key] . (...) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (.not file.)
O58 - SDL:06/04/2014 - 19:53:26 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLibG64.sys [61112]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (StartWeb) - http://start.iminent.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {89A09B27-72B9-430B-8219-2B1F544EFA9A} - (Search By ZoneAlarm) - http://search.zonealarm.com => Toolbar.ZoneAlarm
O90 - PUC: "17298FAA4952D8645B87692B3EC0144C" . (.eBay Worldwide.) -- c:\Windows\Installer\{AAF89271-2594-468D-B578-96B2E30C41C4}\_6FEFF9B68218417F98F549.exe =>Toolbar.eBay
[MD5.0A517BFDBF16092D7D813FAA69BB7F65] [WIS][09/02/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\1d293c5a.msi [1712128] =>Adware.IncrediBar
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BaiduService_RASAPI32 =>Adware.BDSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BaiduService_RASMANCS =>Adware.BDSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\baidu_RASAPI32 =>Adware.BDSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\baidu_RASMANCS =>Adware.BDSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Brothersoftdownloader_for_FL_Studio_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Brothersoftdownloader_for_FL_Studio_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\whitesmoke-silent_RASAPI32 =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\whitesmoke-silent_RASMANCS =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeRegistration_RASAPI32 =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeRegistration_RASMANCS =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeWriterGeo54_en(2)_RASAPI32 =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeWriterGeo54_en(2)_RASMANCS =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeWriterGeo54_en(3)_RASAPI32 =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeWriterGeo54_en(3)_RASMANCS =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeWriterGeo54_en_RASAPI32 =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeWriterGeo54_en_RASMANCS =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeWriterGeo9221_en_RASAPI32 =>PUP.WhiteSmoke
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WhiteSmokeWriterGeo9221_en_RASMANCS =>PUP.WhiteSmoke
SS - | Disabled 10/07/1658 0 | (Util melondrea) . (...) - C:\Program Files (x86)\melondrea\bin\utilmelondrea.exe
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{95f167a5-0099-474f-bb32-bccca980aa7e}] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Toolbar] =>Toolbar.ZoneAlarm^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AAF89271-2594-468D-B578-96B2E30C41C4}] =>Toolbar.eBay^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Browser Infrastructure Helper] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR] =>PUP.Datamngr^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\swg] =>Toolbar.Google^
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1dd31b76-c57e-49ba-94bc-bf53f0c82cd4}] =>Adware.BDSearch
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKLM\Software\Classes\TypeLib\{d02e3ab9-7796-40cb-bdfc-20d834fe1f75}] =>Adware.BDSearch
[HKLM\Software\Classes\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC}] =>Adware.BDSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}] =>Toolbar.ZoneAlarm
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}] =>Toolbar.ZoneAlarm
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Toolbar] =>Toolbar.ZoneAlarm
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Protection_ZoneAlarm Toolbar] =>Toolbar.ZoneAlarm
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110511421153}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220522422253}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:stv_fr_4 =>PUP.Eorezo^
[HKCU\Software\AppDataLow\Software\baidu] =>Adware.BDSearch^
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
[HKCU\Software\WhiteSmoke] =>PUP.WhiteSmoke^
[HKLM\Software\Wow6432Node\WhiteSmoke] =>PUP.WhiteSmoke^
C:\Windows\Installer\1d293c5a.msi =>Adware.IncrediBar^
[HKCR\CLSID\{11111111-1111-1111-1111-110511421153}] (Freeven pro 1.2) =>PUP.Freeven^
[HKCR\CLSID\{22222222-2222-2222-2222-220522422253}] (CrossriderApp0054253.Sandbox) =>PUP.CrossRider^
EmptyCLSID
EmptyFlash
EmptyTemp

Publicité


Signaler le contenu de ce document

Publicité