Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
ShortcutFix
[MD5.434B4AEC1C2D5400F802C703C6818B90] - (.BrowserSafeguard - BrowserSafeguard.) -- C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [415232] [PID.4704] =>PUP.BrowserSafeguard
O4 - GS\Desktop [David]: SpyHunter.lnk . (...) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.) =>Crapware.SpyHunter
O4 - HKLM\..\Wow6432Node\Run: [BrowserSafeguard] . (.BrowserSafeguard - BrowserSafeguard.) -- C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard
[MD5.DA8CD61F10A777E1D045BE20E06D971A] [APT] [BrowserSafeguard Update Task] (...) -- C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [3345920] =>PUP.BrowserSafeguard
O42 - Logiciel: BrowserSafeguard with RocketTab - (.Browsersafeguard.) [HKLM][64Bits] -- Browsersafeguard =>PUP.BrowserSafeguard
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager
O43 - CFD: 27/01/2014 - 20:40:33 - [4,817] ----D C:\Program Files (x86)\Browsersafeguard =>PUP.BrowserSafeguard
O43 - CFD: 27/01/2014 - 20:43:25 - [0] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 27/01/2014 - 21:26:21 - [0,003] ----D C:\Users\David\AppData\Local\BrowserSafeguard =>PUP.BrowserSafeguard
O43 - CFD: 27/01/2014 - 21:49:03 - [0,005] ----D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
O44 - LFC:[MD5.D07138915E1B489BA08D2DBDFF441A60] - 27/01/2014 - 21:49:20 ---A- . (...) -- C:\shldr [285747] => Crapware.SpyHunter
O44 - LFC:[MD5.025926B83A938B5215F3C1DCC882F21C] - 27/01/2014 - 21:49:20 ---A- . (...) -- C:\shldr.mbr [8192] => Crapware.SpyHunter
O44 - LFC:[MD5.639B49CB4118510EB913085E107FFBEE] - 27/01/2014 - 21:51:29 ---A- . (...) -- C:\sh4_service.log [126] => Crapware.SpyHunter
O44 - LFC:[MD5.642B7166F764C56C5DF8B545DD328D9B] - 27/01/2014 - 22:50:58 ---A- . (...) -- C:\spyhunter.log [244] =>Crapware.SpyHunter
O69 - SBI: SearchScopes [HKCU] {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} - (百度一下,你就知道) - http://www.baidu.com =>Adware.BDSearch
[MD5.5C28E508C83A3B0DDBB224B04B1418B9] [SPRF][27/01/2014] (...) -- C:\Users\David\AppData\Local\Temp\SHSetup.exe [47329360] =>Crapware.SpyHunter
SR - | Auto 09/01/2014 1025408 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe =>Crapware.SpyHunter
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserSafeguard Update Task] =>PUP.BrowserSafeguard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard] =>PUP.BrowserSafeguard^
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1dd31b76-c57e-49ba-94bc-bf53f0c82cd4}] =>Adware.BDSearch
[HKLM\Software\Classes\AppID\{1dd31b76-c57e-49ba-94bc-bf53f0c82cd4}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{1dd31b76-c57e-49ba-94bc-bf53f0c82cd4}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1dd31b76-c57e-49ba-94bc-bf53f0c82cd4}] =>Adware.BDSearch
[HKLM\Software\Classes\TypeLib\{d02e3ab9-7796-40cb-bdfc-20d834fe1f75}] =>Adware.BDSearch
[HKLM\Software\Classes\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC}] =>Adware.BDSearch
[HKLM\Software\Classes\BHO.IFlashGetNetscapeEx] =>Adware.BDSearch
[HKLM\Software\Classes\BHO.IFlashGetNetscapeEx.1] =>Adware.BDSearch
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter
[HKLM\Software\Classes\AppID\{2C254882-699A-464B-95F5-32F003F4F45C}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{2C254882-699A-464B-95F5-32F003F4F45C}] =>Adware.BDSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10245650-5917-4ff8-BED6-ABB91DD73E47}] =>Adware.BDSearch
[HKLM\Software\Classes\AppID\FlashgetHook.DLL] =>Adware.BDSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{116ba71c-8187-4f15-9a1f-c9d6289155d1}] =>Adware.BDSearch
[HKLM\Software\Classes\Interface\{A0939A48-0E2F-453F-899C-595F6648EE88}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{A0939A48-0E2F-453F-899C-595F6648EE88}] =>Adware.BDSearch
[HKLM\Software\Classes\Interface\{6DD9E779-2707-4BF0-8269-E4C6BD8B39B7}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{6DD9E779-2707-4BF0-8269-E4C6BD8B39B7}] =>Adware.BDSearch
[HKLM\Software\Classes\Interface\{810B845F-70F3-4B05-9625-3FB37B59A884}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{810B845F-70F3-4B05-9625-3FB37B59A884}] =>Adware.BDSearch
[HKLM\Software\Classes\TypeLib\{DF772EB8-4116-49AE-8FA4-B5B078AA4198}] =>Adware.BDSearch
[HKLM\Software\Classes\FG2CatchUrl.Netscape] =>Adware.BDSearch
[HKLM\Software\Classes\FG2CatchUrl.Netscape.1] =>Adware.BDSearch
[HKLM\Software\Classes\FlashGetHook.FG3DownMgr] =>Adware.BDSearch
[HKLM\Software\Classes\FlashGetHook.FG3DownMgr.1] =>Adware.BDSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BrowserSafeguard =>PUP.BrowserSafeguard^
C:\Program Files (x86)\Browsersafeguard =>PUP.BrowserSafeguard^
C:\ProgramData\IePluginService =>Trojan.SProtector^
C:\Users\David\AppData\Local\BrowserSafeguard =>PUP.BrowserSafeguard^
C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter^
C:\Users\David\AppData\Local\Software =>Adware.Boxore
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard^
C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe =>PUP.BrowserSafeguard^
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard^
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager^
C:\Users\David\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Users\David\Desktop\SpyHunter.lnk =>Crapware.SpyHunter
O42 - Logiciel: Yahoo! Toolbar - (...) [HKLM][64Bits] -- Yahoo! Companion => Toolbar.Yahoo
O69 - SBI: SearchScopes [HKCU] {A026F819-25D7-4B80-A5EA-2148C3DC6EC1} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
OPT:O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
OPT:O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
OPT:SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
McAfee Security Scan Plus v3.8.130.10 => McAfee, Inc
Spybot - Search & Destroy v2.0.12 => Safer Networking Ltd - Spybot S&D
[MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176] [PID.4760]
[MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392] [PID.2068]
[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624] [PID.2152]
[MD5.452DB84283EB2F043827AC95D62CE19C] - (.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [3487240] [PID.2464]
O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe => McAfee, Inc
O4 - GS\Desktop [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe => Spybot-S&D Cleaning
O4 - GS\Desktop [Public]: 风行.lnk . (...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\Funshion.exe (.not file.) => Fichier absent
O4 - GS\Program [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe => Spybot-S&D Cleaning
O4 - GS\QuickLaunch [David]: 风行.lnk . (...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\Funshion.exe (.not file.) => Fichier absent
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe => McAfee, Inc
O4 - HKCU\..\Run: [Funshion] C:\Program Files (x86)\Funshion Online\2.8.9.7\Funshion.exe (.not file.) => Fichier absent
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe => Spybot-S&D Cleaning
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe => Spybot-S&D Cleaning
O4 - HKUS\S-1-5-21-1116533617-2325184075-3275638423-1001\..\Run: [Funshion] C:\Program Files (x86)\Funshion Online\2.8.9.7\Funshion.exe (.not file.) => Fichier absent
O4 - HKUS\S-1-5-21-1116533617-2325184075-3275638423-1001\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe => Spybot-S&D Cleaning
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe => Spybot-S&D Cleaning
[MD5.00000000000000000000000000000000] [APT] [{1EE3B5E4-AED9-4BF2-8D7D-6CC2E4ACD2F4}] (...) -- D:\Sims3SP01Setup.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [FSPlatform] (...) -- C:\Users\David\funshion\funshiontools\FSPAP.exe (.not file.) [0] => Fichier absent
[HKCU\Software\IncrediMail] => Messaging.Incredimail
[HKLM\Software\Wow6432Node\IncrediMail] => Messaging.Incredimail
O43 - CFD: 23/03/2012 - 09:43:48 - [0] ----D C:\ProgramData\kuwo => Empty Folder not necessary
O44 - LFC:[MD5.4318B2BBDB6D4B5761A2D1E011375976] - 15/01/2014 - 08:02:34 ---A- . (...) -- C:\Windows\DPINST.LOG [304576] => Fichiers de rapport (Log)
O51 - MPSK:{49ffc359-eb9e-11e1-b580-782bcb80284b}\AutoRun\command. (...) -- I:\Startme.exe (.not file.) => Fichier absent
[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] [SPRF][22/06/2012] (...) -- C:\Users\David\AppData\Local\Temp\ESGScanner.sys [22704] => Temporary file not necessary
[MD5.3DF9C822FFD4245403113A555A27357F] [SPRF][12/01/2014] (...) -- C:\Users\David\AppData\Local\Temp\Quarantine.exe [360073] => Temporary file not necessary
[MD5.BE65A68CAF476E39FF62AF6813D0198F] [SPRF][02/11/2004] (...) -- C:\Users\David\AppData\Local\Temp\unrar.dll [158720] => Temporary file not necessary
[MD5.5B2DA96D90C95228239806D40B720BD2] [SPRF][18/08/2004] (...) -- C:\Users\David\AppData\Local\Temp\VP6.reg [340] => Temporary file not necessary
[MD5.1410ADCB69C267916EE702E2A443E93F] [SPRF][18/08/2004] (...) -- C:\Users\David\AppData\Local\Temp\VP6Install.exe [23040] => Temporary file not necessary
O87 - FAEL: "funshiontcp" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\funshion.exe (.not file.) => Fichier absent
O87 - FAEL: "funshionudp" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\funshion.exe (.not file.) => Fichier absent
O87 - FAEL: "TCP Query User{7E3C173D-2159-4CB7-A954-884D2FBE5387}C:\program files (x86)\qvodplayer\qvodterminal.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\qvodplayer\qvodterminal.exe (.not file.) => Fichier absent
O87 - FAEL: "UDP Query User{BCD32347-6E79-479B-B9D0-8311B2871648}C:\program files (x86)\qvodplayer\qvodterminal.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\qvodplayer\qvodterminal.exe (.not file.) => Fichier absent
O87 - FAEL: "{78C8B434-A69A-451D-A07F-8444AE41FEE0}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.6.56\FunshionService.exe (.not file.) => Fichier absent
O87 - FAEL: "{0C334426-5082-4B4A-B1F1-F2E309E83074}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.6.56\FunshionService.exe (.not file.) => Fichier absent
O87 - FAEL: "{ED156B12-3B8C-4EB3-B374-19E65DA4FB53}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.6.56\FunshionUpgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "{3832F0B5-A469-4BE0-B451-E9366BFC52F7}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.6.56\FunshionUpgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "TCP Query User{069F155B-AB2B-4241-AF4E-A9839F1F437A}C:\program files (x86)\funshion online\2.8.6.56\funshionservice.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\funshion online\2.8.6.56\funshionservice.exe (.not file.) => Fichier absent
O87 - FAEL: "UDP Query User{87B89404-2B5C-43C1-A09C-7D2857D71485}C:\program files (x86)\funshion online\2.8.6.56\funshionservice.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\funshion online\2.8.6.56\funshionservice.exe (.not file.) => Fichier absent
O87 - FAEL: "funshionservicetcp" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\funshionservice.exe (.not file.) => Fichier absent
O87 - FAEL: "funshionupgradetcp" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\funshionupgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "{B1539567-36B8-4E1D-8678-75657A83DDF2}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\FunshionService.exe (.not file.) => Fichier absent
O87 - FAEL: "{4A0803BE-2C8E-4982-BBB5-011B0B6EEFA4}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\FunshionService.exe (.not file.) => Fichier absent
O87 - FAEL: "{72D318D6-1057-4F63-9791-D47175CE252A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\FunshionUpgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "{9A812464-B7D6-4EC7-BAC9-55E3FAB1F9BF}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\FunshionUpgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "TCP Query User{D78DF8DB-78D5-401F-8649-254CCFDEE327}C:\program files (x86)\funshion online\2.8.9.7\funshionservice.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\funshion online\2.8.9.7\funshionservice.exe (.not file.) => Fichier absent
O87 - FAEL: "UDP Query User{6869DA85-BB9A-4B42-901A-C7FFA0EC5905}C:\program files (x86)\funshion online\2.8.9.7\funshionservice.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\funshion online\2.8.9.7\funshionservice.exe (.not file.) => Fichier absent
SS - | Demand 06/09/2013 288776 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe => McAfee, Inc
SR - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe => Spybot-S&D Cleaning
SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe => Spybot-S&D Cleaning
SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe => Spybot-S&D Cleaning
ShortcutFix
[MD5.434B4AEC1C2D5400F802C703C6818B90] - (.BrowserSafeguard - BrowserSafeguard.) -- C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [415232] [PID.4704] =>PUP.BrowserSafeguard
O4 - GS\Desktop [David]: SpyHunter.lnk . (...) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe (.not file.) =>Crapware.SpyHunter
O4 - HKLM\..\Wow6432Node\Run: [BrowserSafeguard] . (.BrowserSafeguard - BrowserSafeguard.) -- C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard
[MD5.DA8CD61F10A777E1D045BE20E06D971A] [APT] [BrowserSafeguard Update Task] (...) -- C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [3345920] =>PUP.BrowserSafeguard
O42 - Logiciel: BrowserSafeguard with RocketTab - (.Browsersafeguard.) [HKLM][64Bits] -- Browsersafeguard =>PUP.BrowserSafeguard
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager
O43 - CFD: 27/01/2014 - 20:40:33 - [4,817] ----D C:\Program Files (x86)\Browsersafeguard =>PUP.BrowserSafeguard
O43 - CFD: 27/01/2014 - 20:43:25 - [0] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 27/01/2014 - 21:26:21 - [0,003] ----D C:\Users\David\AppData\Local\BrowserSafeguard =>PUP.BrowserSafeguard
O43 - CFD: 27/01/2014 - 21:49:03 - [0,005] ----D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
O44 - LFC:[MD5.D07138915E1B489BA08D2DBDFF441A60] - 27/01/2014 - 21:49:20 ---A- . (...) -- C:\shldr [285747] => Crapware.SpyHunter
O44 - LFC:[MD5.025926B83A938B5215F3C1DCC882F21C] - 27/01/2014 - 21:49:20 ---A- . (...) -- C:\shldr.mbr [8192] => Crapware.SpyHunter
O44 - LFC:[MD5.639B49CB4118510EB913085E107FFBEE] - 27/01/2014 - 21:51:29 ---A- . (...) -- C:\sh4_service.log [126] => Crapware.SpyHunter
O44 - LFC:[MD5.642B7166F764C56C5DF8B545DD328D9B] - 27/01/2014 - 22:50:58 ---A- . (...) -- C:\spyhunter.log [244] =>Crapware.SpyHunter
O69 - SBI: SearchScopes [HKCU] {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} - (百度一下,你就知道) - http://www.baidu.com =>Adware.BDSearch
[MD5.5C28E508C83A3B0DDBB224B04B1418B9] [SPRF][27/01/2014] (...) -- C:\Users\David\AppData\Local\Temp\SHSetup.exe [47329360] =>Crapware.SpyHunter
SR - | Auto 09/01/2014 1025408 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe =>Crapware.SpyHunter
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserSafeguard Update Task] =>PUP.BrowserSafeguard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard] =>PUP.BrowserSafeguard^
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1dd31b76-c57e-49ba-94bc-bf53f0c82cd4}] =>Adware.BDSearch
[HKLM\Software\Classes\AppID\{1dd31b76-c57e-49ba-94bc-bf53f0c82cd4}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{1dd31b76-c57e-49ba-94bc-bf53f0c82cd4}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1dd31b76-c57e-49ba-94bc-bf53f0c82cd4}] =>Adware.BDSearch
[HKLM\Software\Classes\TypeLib\{d02e3ab9-7796-40cb-bdfc-20d834fe1f75}] =>Adware.BDSearch
[HKLM\Software\Classes\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC}] =>Adware.BDSearch
[HKLM\Software\Classes\BHO.IFlashGetNetscapeEx] =>Adware.BDSearch
[HKLM\Software\Classes\BHO.IFlashGetNetscapeEx.1] =>Adware.BDSearch
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter
[HKLM\Software\Classes\AppID\{2C254882-699A-464B-95F5-32F003F4F45C}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{2C254882-699A-464B-95F5-32F003F4F45C}] =>Adware.BDSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10245650-5917-4ff8-BED6-ABB91DD73E47}] =>Adware.BDSearch
[HKLM\Software\Classes\AppID\FlashgetHook.DLL] =>Adware.BDSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{116ba71c-8187-4f15-9a1f-c9d6289155d1}] =>Adware.BDSearch
[HKLM\Software\Classes\Interface\{A0939A48-0E2F-453F-899C-595F6648EE88}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{A0939A48-0E2F-453F-899C-595F6648EE88}] =>Adware.BDSearch
[HKLM\Software\Classes\Interface\{6DD9E779-2707-4BF0-8269-E4C6BD8B39B7}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{6DD9E779-2707-4BF0-8269-E4C6BD8B39B7}] =>Adware.BDSearch
[HKLM\Software\Classes\Interface\{810B845F-70F3-4B05-9625-3FB37B59A884}] =>Adware.BDSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{810B845F-70F3-4B05-9625-3FB37B59A884}] =>Adware.BDSearch
[HKLM\Software\Classes\TypeLib\{DF772EB8-4116-49AE-8FA4-B5B078AA4198}] =>Adware.BDSearch
[HKLM\Software\Classes\FG2CatchUrl.Netscape] =>Adware.BDSearch
[HKLM\Software\Classes\FG2CatchUrl.Netscape.1] =>Adware.BDSearch
[HKLM\Software\Classes\FlashGetHook.FG3DownMgr] =>Adware.BDSearch
[HKLM\Software\Classes\FlashGetHook.FG3DownMgr.1] =>Adware.BDSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BrowserSafeguard =>PUP.BrowserSafeguard^
C:\Program Files (x86)\Browsersafeguard =>PUP.BrowserSafeguard^
C:\ProgramData\IePluginService =>Trojan.SProtector^
C:\Users\David\AppData\Local\BrowserSafeguard =>PUP.BrowserSafeguard^
C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter^
C:\Users\David\AppData\Local\Software =>Adware.Boxore
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard^
C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe =>PUP.BrowserSafeguard^
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard^
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager^
C:\Users\David\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Users\David\Desktop\SpyHunter.lnk =>Crapware.SpyHunter
O42 - Logiciel: Yahoo! Toolbar - (...) [HKLM][64Bits] -- Yahoo! Companion => Toolbar.Yahoo
O69 - SBI: SearchScopes [HKCU] {A026F819-25D7-4B80-A5EA-2148C3DC6EC1} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
OPT:O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
OPT:O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
OPT:SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
McAfee Security Scan Plus v3.8.130.10 => McAfee, Inc
Spybot - Search & Destroy v2.0.12 => Safer Networking Ltd - Spybot S&D
[MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176] [PID.4760]
[MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392] [PID.2068]
[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624] [PID.2152]
[MD5.452DB84283EB2F043827AC95D62CE19C] - (.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [3487240] [PID.2464]
O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.) -- C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe => McAfee, Inc
O4 - GS\Desktop [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe => Spybot-S&D Cleaning
O4 - GS\Desktop [Public]: 风行.lnk . (...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\Funshion.exe (.not file.) => Fichier absent
O4 - GS\Program [Public]: Spybot-S&D Start Center.lnk . (.Safer-Networking Ltd. - Start Center.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe => Spybot-S&D Cleaning
O4 - GS\QuickLaunch [David]: 风行.lnk . (...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\Funshion.exe (.not file.) => Fichier absent
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe => McAfee, Inc
O4 - HKCU\..\Run: [Funshion] C:\Program Files (x86)\Funshion Online\2.8.9.7\Funshion.exe (.not file.) => Fichier absent
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe => Spybot-S&D Cleaning
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe => Spybot-S&D Cleaning
O4 - HKUS\S-1-5-21-1116533617-2325184075-3275638423-1001\..\Run: [Funshion] C:\Program Files (x86)\Funshion Online\2.8.9.7\Funshion.exe (.not file.) => Fichier absent
O4 - HKUS\S-1-5-21-1116533617-2325184075-3275638423-1001\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe => Spybot-S&D Cleaning
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe => Spybot-S&D Cleaning
[MD5.00000000000000000000000000000000] [APT] [{1EE3B5E4-AED9-4BF2-8D7D-6CC2E4ACD2F4}] (...) -- D:\Sims3SP01Setup.exe (.not file.) [0] => Fichier absent
[MD5.00000000000000000000000000000000] [APT] [FSPlatform] (...) -- C:\Users\David\funshion\funshiontools\FSPAP.exe (.not file.) [0] => Fichier absent
[HKCU\Software\IncrediMail] => Messaging.Incredimail
[HKLM\Software\Wow6432Node\IncrediMail] => Messaging.Incredimail
O43 - CFD: 23/03/2012 - 09:43:48 - [0] ----D C:\ProgramData\kuwo => Empty Folder not necessary
O44 - LFC:[MD5.4318B2BBDB6D4B5761A2D1E011375976] - 15/01/2014 - 08:02:34 ---A- . (...) -- C:\Windows\DPINST.LOG [304576] => Fichiers de rapport (Log)
O51 - MPSK:{49ffc359-eb9e-11e1-b580-782bcb80284b}\AutoRun\command. (...) -- I:\Startme.exe (.not file.) => Fichier absent
[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] [SPRF][22/06/2012] (...) -- C:\Users\David\AppData\Local\Temp\ESGScanner.sys [22704] => Temporary file not necessary
[MD5.3DF9C822FFD4245403113A555A27357F] [SPRF][12/01/2014] (...) -- C:\Users\David\AppData\Local\Temp\Quarantine.exe [360073] => Temporary file not necessary
[MD5.BE65A68CAF476E39FF62AF6813D0198F] [SPRF][02/11/2004] (...) -- C:\Users\David\AppData\Local\Temp\unrar.dll [158720] => Temporary file not necessary
[MD5.5B2DA96D90C95228239806D40B720BD2] [SPRF][18/08/2004] (...) -- C:\Users\David\AppData\Local\Temp\VP6.reg [340] => Temporary file not necessary
[MD5.1410ADCB69C267916EE702E2A443E93F] [SPRF][18/08/2004] (...) -- C:\Users\David\AppData\Local\Temp\VP6Install.exe [23040] => Temporary file not necessary
O87 - FAEL: "funshiontcp" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\funshion.exe (.not file.) => Fichier absent
O87 - FAEL: "funshionudp" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\funshion.exe (.not file.) => Fichier absent
O87 - FAEL: "TCP Query User{7E3C173D-2159-4CB7-A954-884D2FBE5387}C:\program files (x86)\qvodplayer\qvodterminal.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\qvodplayer\qvodterminal.exe (.not file.) => Fichier absent
O87 - FAEL: "UDP Query User{BCD32347-6E79-479B-B9D0-8311B2871648}C:\program files (x86)\qvodplayer\qvodterminal.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\qvodplayer\qvodterminal.exe (.not file.) => Fichier absent
O87 - FAEL: "{78C8B434-A69A-451D-A07F-8444AE41FEE0}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.6.56\FunshionService.exe (.not file.) => Fichier absent
O87 - FAEL: "{0C334426-5082-4B4A-B1F1-F2E309E83074}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.6.56\FunshionService.exe (.not file.) => Fichier absent
O87 - FAEL: "{ED156B12-3B8C-4EB3-B374-19E65DA4FB53}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.6.56\FunshionUpgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "{3832F0B5-A469-4BE0-B451-E9366BFC52F7}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.6.56\FunshionUpgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "TCP Query User{069F155B-AB2B-4241-AF4E-A9839F1F437A}C:\program files (x86)\funshion online\2.8.6.56\funshionservice.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\funshion online\2.8.6.56\funshionservice.exe (.not file.) => Fichier absent
O87 - FAEL: "UDP Query User{87B89404-2B5C-43C1-A09C-7D2857D71485}C:\program files (x86)\funshion online\2.8.6.56\funshionservice.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\funshion online\2.8.6.56\funshionservice.exe (.not file.) => Fichier absent
O87 - FAEL: "funshionservicetcp" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\funshionservice.exe (.not file.) => Fichier absent
O87 - FAEL: "funshionupgradetcp" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\funshionupgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "{B1539567-36B8-4E1D-8678-75657A83DDF2}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\FunshionService.exe (.not file.) => Fichier absent
O87 - FAEL: "{4A0803BE-2C8E-4982-BBB5-011B0B6EEFA4}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\FunshionService.exe (.not file.) => Fichier absent
O87 - FAEL: "{72D318D6-1057-4F63-9791-D47175CE252A}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\FunshionUpgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "{9A812464-B7D6-4EC7-BAC9-55E3FAB1F9BF}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Funshion Online\2.8.9.7\FunshionUpgrade.exe (.not file.) => Fichier absent
O87 - FAEL: "TCP Query User{D78DF8DB-78D5-401F-8649-254CCFDEE327}C:\program files (x86)\funshion online\2.8.9.7\funshionservice.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\funshion online\2.8.9.7\funshionservice.exe (.not file.) => Fichier absent
O87 - FAEL: "UDP Query User{6869DA85-BB9A-4B42-901A-C7FFA0EC5905}C:\program files (x86)\funshion online\2.8.9.7\funshionservice.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\funshion online\2.8.9.7\funshionservice.exe (.not file.) => Fichier absent
SS - | Demand 06/09/2013 288776 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe => McAfee, Inc
SR - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe => Spybot-S&D Cleaning
SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe => Spybot-S&D Cleaning
SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe => Spybot-S&D Cleaning