cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþScript ZHPFix
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified => INTERNET EXPLORER : Supprime message de connexion sécurisée
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://en.eazel.com =>Hijacker.Eazel
O4 - HKCU\..\Run: [Softango Downloader213706.exe] C:\Users\patsong\AppData\Local\Temp\Softango Downloader213706.exe (.not file.) => Infection Rogue (Trojan.FakeAlert)
O4 - HKUS\S-1-5-21-3885057622-3054522135-2263952012-1000\..\Run: [Softango Downloader213706.exe] C:\Users\patsong\AppData\Local\Temp\Softango Downloader213706.exe (.not file.) => Infection Rogue (Trojan.FakeAlert)
[MD5.00000000000000000000000000000000] [APT] [SomotoUpdateCheckerAutoStart] (...) -- C:\Users\patsong\AppData\Local\FilesFrog Update Checker\update_checker.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [{EDBBEDB3-FDC2-41B3-AEAD-B749D4D3B449}] (...) -- C:\Users\patsong\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (.not file.) [0] =>Adware.MegaSearch
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
O43 - CFD: 14/12/2013 - 16:53:43 - [0] ----D C:\ProgramData\WPM =>PUP.WpManager
[MD5.883DFC791AAF1298FCFC2BCF5471BBFC] [SPRF][14/12/2013] (...) -- C:\Users\patsong\AppData\Local\Temp\SHSetup.exe [46777424] =>Crapware.SpyHunter
O87 - FAEL: "{F874391E-B555-47AD-98A1-BAD4F1CFEF9F}" |In - Public - P6 - TRUE | .(...) -- C:\Users\patsong\AppData\Local\DProtect\DProtectSvc.exe (.not file.) =>Trojan.Staser
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311711180}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311711180}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
C:\ProgramData\WPM =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\Users\patsong\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Users\patsong\AppData\Local\Temp\GoogleToolbarInstaller1.log =>PUP.Babylon
C:\Users\patsong\AppData\Local\Temp\GoogleToolbarInstaller2.log =>PUP.Babylon
[MD5.BB4F6465EEB9ACAA5C60C36983740219] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [310352] [PID.5860] =>Toolbar.Google
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline => Toolbar.Norton
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline => Toolbar.Google
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-3885057622-3054522135-2263952012-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
[HKLM\Software\Wow6432Node\VBMZ] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe =>Toolbar.Google^
[MD5.A7A954D9A141260771349A41526543B0] [APT] [Amazon Music Helper] (...) -- C:\Users\patsong\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3139072]
[MD5.00000000000000000000000000000000] [APT] [SomotoUpdateCheckerAutoStart] (...) -- C:\Users\patsong\AppData\Local\FilesFrog Update Checker\update_checker.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [{220CFC38-C4B4-4607-9490-2A89876C33DB}] (...) -- C:\Users\patsong\Downloads\LIONG.Les.Amulettes.Perdues.By.Chris94380.For.wawa-mania.cc\liong-les-amulettes-perdues.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{31AEA226-5A40-474B-80A4-EE7B924FE95F}] (...) -- E:\Office.2010.Professional.Plus.Beta.FRENCH.x86.KEY-wWw.Extreme-Down.Com\fr_office_professional_plus_2010_beta_x86_x16-19228.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{5907EB54-86FA-4C63-A333-CA5EFFA97BCE}] (...) -- C:\Users\patsong\Desktop\jeux\Pj.Pride.Pet.Detective.By.Chris94380.For.wawa-mania.cc\pj-pride-pet-detective.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{81F23AF2-4A66-4FC4-9600-AF28FFFBBFAF}] (...) -- C:\Users\patsong\Desktop\jeux\Hawaiian.Explorer.2.Lost.Island.By.Chris94380.For.wawa-mania.cc\hawaiian-explorer-2-lost-island.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{8B34123D-339B-499A-BE19-E3467750851E}] (...) -- C:\Users\patsong\Desktop\jeux\MystSetupVideo.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{948968FC-A13F-4B96-9DF3-A4EBB8EF0A23}] (...) -- C:\Users\patsong\Downloads\Imperial.City.The.Crown.of.the.King.By.Chris94380.For.wawa-mania.cc\imperial-city-the-crown-of-the-king.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{9E322AE5-42CF-42BA-BFEC-77D8AAEF5692}] (...) -- E:\.\Autorun.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{B259F459-CA57-433A-A975-6AE509E6E1D5}] (...) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (.not file.) [0] => Adobe%Acrobat Reader
[MD5.00000000000000000000000000000000] [APT] [{E170FBF4-2547-4DB3-B6B1-3D79D62C9914}] (...) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe (.not file.) [0] => Foxit Corporation Foxit Reader
[MD5.00000000000000000000000000000000] [APT] [{EDBBEDB3-FDC2-41B3-AEAD-B749D4D3B449}] (...) -- C:\Users\patsong\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (.not file.) [0] =>Adware.MegaSearch
[MD5.00000000000000000000000000000000] [APT] [{F1D82AB3-C8F2-460F-83A2-59BCA7442648}] (...) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (.not file.) [0] => Adobe%Acrobat Reader
[MD5.00000000000000000000000000000000] [APT] [{F62431A8-8ADB-4DE5-B0DB-1EB13DC738D6}] (...) -- E:\setup.exe (.not file.) [0] => Existe aussi en malware DELF-CA.Troj
[MD5.00000000000000000000000000000000] [APT] [{F972351A-ED41-4FE8-BFE8-30E4379EA969}] (...) -- E:\Office.2010.Professional.Plus.Beta.FRENCH.x86.KEY-wWw.Extreme-Down.Com\fr_office_professional_plus_2010_beta_x86_x16-19228.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [{FF178DE8-A493-4467-A3C4-B7B98866DABC}] (...) -- C:\Users\patsong\Desktop\jeux\Imperial.City.The.Crown.of.the.King.By.Chris94380.For.wawa-mania.cc\imperial-city-the-crown-of-the-king.exe (.not file.) [0] => Fichier absent
O43 - CFD: 14/09/2013 - 21:33:11 - [0] ----D C:\ProgramData\AstralaxWrapper


ShortcutFix
FirewallRaz
Emptytemp
SysRestore


Publicité


Signaler le contenu de ce document

Publicité