Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
O[MD5.6383C805CBA4A7A27BEBB9919D64AF20] [APT] [Java Update] (...) -- C:\Program Files (x86)\Java\Java.exe [187464]
[MD5.5AFC57E409E859D48EBAC2540A8E3460] [APT] [keepup] (...) -- C:\Users\c4\AppData\Roaming\miaul\RJFC.exe [82504]
[MD5.70516B1AF02E441076D114B513B248FB] [APT] [Office] (...) -- C:\Program Files (x86)\Office\Office.exe [187464]
O42 - Logiciel: EKF Diagnostics - (...) [HKCU][64Bits] -- EKF-Diagnostics
O42 - Logiciel: Euroimmun_Analyzer_I - (...) [HKLM][64Bits] -- {FDB6058D-ECB5-4DCB-95E7-B61D832BC614}
[HKCU\Software\Euroimmun]
[HKCU\Software\MyTransitGuide_b7]
[HKLM\Software\Wow6432Node\EUROIMMUN]
[HKLM\Software\Wow6432Node\MyTransitGuide_b7]
[HKLM\Software\Wow6432Node\WinPj]
O43 - CFD: 15-Oct-14 - 10:46:31 AM - [] ----D C:\Program Files (x86)\BD Accuri
O43 - CFD: 07-Oct-14 - 3:14:03 PM - [] ----D C:\Program Files (x86)\EUROIMMUN
O43 - CFD: 16-Nov-14 - 12:26:13 AM - [] ----D C:\Program Files (x86)\MyTransitGuide_b7
O43 - CFD: 16-Nov-14 - 12:44:23 AM - [] ----D C:\Program Files (x86)\Common Files\Config
O43 - CFD: 10-May-14 - 1:22:36 AM - [] ----D C:\ProgramData\TCE
O43 - CFD: 16-Nov-14 - 12:44:39 AM - [] ----D C:\Users\c4\AppData\Roaming\Fixs
O43 - CFD: 21-Nov-14 - 6:47:07 PM - [] ----D C:\Users\c4\AppData\Roaming\miaul
O43 - CFD: 24-Aug-14 - 2:07:22 PM - [0] ----D C:\Users\c4\AppData\Roaming\rmi
O43 - CFD: 16-Nov-14 - 12:44:42 AM - [] ----D C:\Users\c4\AppData\Roaming\SPK
O43 - CFD: 08-Sep-14 - 2:11:50 PM - [] ----D C:\Users\c4\AppData\Local\EKF-Diagnostics
O43 - CFD: 29-Oct-14 - 8:05:29 PM - [] ----D C:\Users\c4\AppData\Local\Installer
O43 - CFD: 16-Nov-14 - 12:27:38 AM - [] ----D C:\Users\c4\AppData\Local\MyTransitGuide_b7
O43 - CFD: 15-Oct-14 - 10:46:39 AM - [0] ----D C:\Users\c4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BD Accuri
[MD5.21754903D528C68329D6BECA9B671E4F] [SPRF][03-Nov-09] (...) -- C:\Users\c4\Desktop\layout.bin [422]
[MD5.A6D19C2381AD7AF78B13E6160F69C375] [SPRF][15-Apr-12] (...) -- C:\Users\c4\Desktop\u1201.exe [1435240]
[MD5.2752F141ABF5DA8C3E97267B1EF0CC68] [SPRF][20-Jul-14] (...) -- C:\Users\c4\Desktop\ultravpn-install.exe [1443785]
SS - | Demand 11-Jul-58 0 | (MyTransitGuide_b7Service) . (...) - C:\Program Files (x86)\MYTRAN~2\bar\1.bin\b7barsvc.exe
[HKCU\Software\Popajar]
[HKLM\Software\Wow6432Node\Client]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
M3 - MFPP: Plugins - [c4] -- C:\Users\c4\AppData\Roaming\Mozilla\Firefox\Profiles\h2w6n8h2.default-1416041767838\searchplugins\VenteeRo.xml =>Trojan.Vonteera
M0 - MFSP: prefs.js [c4 - h2w6n8h2.default-1416041767838] http://www.arabyonline.com
M0 - MFSP: user.js [c4 - h2w6n8h2.default-1416041767838] http://www.arabyonline.com
O2 - BHO: edccb4a004ec01329fbb0fbe6070a3f60063285 [64Bits] - {11111111-1111-1111-1111-110611321185} Orphan key
O2 - BHO: FoxPro [64Bits] - {598AC71E-BE58-3981-B78A-5C138F423AD6} . (...) -- C:\Users\c4\AppData\Roaming\VolIE\FoxPro_32.dll =>Trojan.Vonteera
[MD5.70516B1AF02E441076D114B513B248FB] [APT] [4CEFD9B73D6C-1CRMOI2] (...) -- C:\Users\c4\AppData\Roaming\ARHome\Updater.exe [187464] =>Trojan.Vonteera
[MD5.70516B1AF02E441076D114B513B248FB] [APT] [9A5A8340-6B15] (...) -- C:\Users\c4\AppData\Roaming\ARHome\Updater.exe [187464] =>Trojan.Vonteera
[MD5.00000000000000000000000000000000] [APT] [{245897B4-F052-4B0A-993C-53CE24767440}] (...) -- C:\Users\c4\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[HKCU\Software\ARHome] =>Trojan.Vonteera
[HKCU\Software\NoVooITSet] =>Trojan.Vonteera
[HKCU\Software\NoVooIT]
[HKCU\Software\Vonteera Safe ads] =>Trojan.Vonteera
[HKLM\Software\Wow6432Node\YourFileDownloader]
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
O43 - CFD: 15-Nov-14 - 7:49:59 PM - [] ----D C:\Program Files (x86)\Universal Updater
O43 - CFD: 21-Nov-14 - 6:47:03 PM - [] ----D C:\Users\c4\AppData\Roaming\ARHome =>Trojan.Vonteera
O43 - CFD: 21-Nov-14 - 6:47:07 PM - [] ----D C:\Users\c4\AppData\Roaming\VolIE =>Trojan.Vonteera
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}] =>Trojan.Vonteera^
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185}] =>PUP.CrossRider
C:\Users\c4\AppData\Roaming\ARHome =>Trojan.Vonteera^
C:\Users\c4\AppData\Roaming\VolIE =>Trojan.Vonteera^
C:\Users\c4\AppData\Local\Installer =>Adware.InstallPedia
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Users\c4\AppData\Roaming\ARHome\Updater.exe =>Trojan.Vonteera^
[HKCU\Software\ARHome] =>Trojan.Vonteera^
[HKCU\Software\NoVooITSet] =>Trojan.Vonteera^
[HKCU\Software\Vonteera Safe ads] =>Trojan.Vonteera^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\Users\c4\AppData\Roaming\Mozilla\Firefox\Profiles\qrr4wk6e.default-1415993032286\prefs.js (.not file.)
O4 - HKLM\..\Run: [InstallerLauncher] C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe (.not file.)
O41 - Driver: (BAPIDRV) . (. - .) - C:\Windows\System32\DRIVERS\BAPIDRV64.sys (.not file.)
O51 - MPSK:{00d04816-a309-11e3-8252-806e6f6e6963}\AutoRun\command. (...) -- D:\CD_Start.exe (.not file.)
[MD5.B690184CD2C5D9FFAF2873EDCF306BA1] [SPRF][21-Nov-14] (...) -- C:\ProgramData\1416515000.bdinstall.bin [267641]
O51 - MPSK:{519119f3-3258-11e4-82b1-28e347ba10c1}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O2 - BHO: btorbit.com [64Bits] - {000123B4-9B42-4900-B3F7-F4B073EFC214} . (.Orbitdownloader.com - Orbitcth.) -- C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
O4 - GS\QuickLaunch [c4]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\c4\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" [Enabled] .(.Orbitdownloader.com.) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" [Enabled] .(.Orbitdownloader.com.) -- C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
O87 - FAEL: "{1918787B-0FDA-4972-A9DD-37988F134C48}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\c4\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{281EAC31-2321-4FF6-9A9D-528FCBB0E224}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\c4\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
[HKCU\Software\Softonic]
[HKCU\Software\Softonic]
[MD5.AB0C872B1FFE283D20C91C8E575E2F67] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\c4\AppData\Roaming\Dropbox\bin\Dropbox.exe [35419192] [PID.6872]
[HKCU\Software\AdsFix]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baidu]
HKLM\Software\AdsFix]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\AdsFix]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
O44 - LFC:[MD5.F2B7BA3BBC2E7DB9BFCC732458CBD1B7] - 21-Nov-14 - 2:14:14 AM ---A- . (...) -- C:\AdsFix_21_11_2014_02_14_16.txt [49901]
O43 - CFD: 29-Oct-14 - 8:50:42 AM - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 16-Nov-14 - 12:27:54 AM - [] ----D C:\Users\c4\AppData\Roaming\Baidu
O43 - CFD: 29-Oct-14 - 8:50:33 AM - [0] ----D C:\Users\c4\AppData\Roaming\Baidu Security
C:\Users\c4\Desktop\wrar52b2.MaZiKa2daY.CoM\wrar52b2\winrar.KEYGEN-FFF.zip =>.Crack,Keygen
C:\Users\c4\Dropbox\New folder\MyEgY.CoM_DLL-FiLe. Fixer_3.1.81.2877_By.MaHeR\DLL-FiLes Fixer 3.1.81.2877\Keygen\Activation.reg =>.Crack,Keygen
C:\Users\c4\Dropbox\New folder\MyEgY.CoM_DLL-FiLe. Fixer_3.1.81.2877_By.MaHeR\DLL-FiLes Fixer 3.1.81.2877\Keygen\Serials.txt =>.Crack,Keygen
C:\Users\c4\Desktop\wrar52b2.MaZiKa2daY.CoM\wrar52b2\winrar.KEYGEN-FFF.zip =>.Crack,Keygen
C:\Users\c4\Dropbox\New folder\MyEgY.CoM_DLL-FiLe. Fixer_3.1.81.2877_By.MaHeR\DLL-FiLes Fixer 3.1.81.2877\Keygen\Activation.reg =>.Crack,Keygen
C:\Users\c4\Dropbox\New folder\MyEgY.CoM_DLL-FiLe. Fixer_3.1.81.2877_By.MaHeR\DLL-FiLes Fixer 3.1.81.2877\Keygen\Serials.txt =>.Crack,Keygen
[MD5.2CDC3E88DD7117FFCE898B9B10BD7B19] [SPRF][21-Nov-14] (.No owner - AdsFix.) -- C:\Users\c4\Desktop\AdsFix.exe [2413056]
ShortcutFix
FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore
O[MD5.6383C805CBA4A7A27BEBB9919D64AF20] [APT] [Java Update] (...) -- C:\Program Files (x86)\Java\Java.exe [187464]
[MD5.5AFC57E409E859D48EBAC2540A8E3460] [APT] [keepup] (...) -- C:\Users\c4\AppData\Roaming\miaul\RJFC.exe [82504]
[MD5.70516B1AF02E441076D114B513B248FB] [APT] [Office] (...) -- C:\Program Files (x86)\Office\Office.exe [187464]
O42 - Logiciel: EKF Diagnostics - (...) [HKCU][64Bits] -- EKF-Diagnostics
O42 - Logiciel: Euroimmun_Analyzer_I - (...) [HKLM][64Bits] -- {FDB6058D-ECB5-4DCB-95E7-B61D832BC614}
[HKCU\Software\Euroimmun]
[HKCU\Software\MyTransitGuide_b7]
[HKLM\Software\Wow6432Node\EUROIMMUN]
[HKLM\Software\Wow6432Node\MyTransitGuide_b7]
[HKLM\Software\Wow6432Node\WinPj]
O43 - CFD: 15-Oct-14 - 10:46:31 AM - [] ----D C:\Program Files (x86)\BD Accuri
O43 - CFD: 07-Oct-14 - 3:14:03 PM - [] ----D C:\Program Files (x86)\EUROIMMUN
O43 - CFD: 16-Nov-14 - 12:26:13 AM - [] ----D C:\Program Files (x86)\MyTransitGuide_b7
O43 - CFD: 16-Nov-14 - 12:44:23 AM - [] ----D C:\Program Files (x86)\Common Files\Config
O43 - CFD: 10-May-14 - 1:22:36 AM - [] ----D C:\ProgramData\TCE
O43 - CFD: 16-Nov-14 - 12:44:39 AM - [] ----D C:\Users\c4\AppData\Roaming\Fixs
O43 - CFD: 21-Nov-14 - 6:47:07 PM - [] ----D C:\Users\c4\AppData\Roaming\miaul
O43 - CFD: 24-Aug-14 - 2:07:22 PM - [0] ----D C:\Users\c4\AppData\Roaming\rmi
O43 - CFD: 16-Nov-14 - 12:44:42 AM - [] ----D C:\Users\c4\AppData\Roaming\SPK
O43 - CFD: 08-Sep-14 - 2:11:50 PM - [] ----D C:\Users\c4\AppData\Local\EKF-Diagnostics
O43 - CFD: 29-Oct-14 - 8:05:29 PM - [] ----D C:\Users\c4\AppData\Local\Installer
O43 - CFD: 16-Nov-14 - 12:27:38 AM - [] ----D C:\Users\c4\AppData\Local\MyTransitGuide_b7
O43 - CFD: 15-Oct-14 - 10:46:39 AM - [0] ----D C:\Users\c4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BD Accuri
[MD5.21754903D528C68329D6BECA9B671E4F] [SPRF][03-Nov-09] (...) -- C:\Users\c4\Desktop\layout.bin [422]
[MD5.A6D19C2381AD7AF78B13E6160F69C375] [SPRF][15-Apr-12] (...) -- C:\Users\c4\Desktop\u1201.exe [1435240]
[MD5.2752F141ABF5DA8C3E97267B1EF0CC68] [SPRF][20-Jul-14] (...) -- C:\Users\c4\Desktop\ultravpn-install.exe [1443785]
SS - | Demand 11-Jul-58 0 | (MyTransitGuide_b7Service) . (...) - C:\Program Files (x86)\MYTRAN~2\bar\1.bin\b7barsvc.exe
[HKCU\Software\Popajar]
[HKLM\Software\Wow6432Node\Client]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
M3 - MFPP: Plugins - [c4] -- C:\Users\c4\AppData\Roaming\Mozilla\Firefox\Profiles\h2w6n8h2.default-1416041767838\searchplugins\VenteeRo.xml =>Trojan.Vonteera
M0 - MFSP: prefs.js [c4 - h2w6n8h2.default-1416041767838] http://www.arabyonline.com
M0 - MFSP: user.js [c4 - h2w6n8h2.default-1416041767838] http://www.arabyonline.com
O2 - BHO: edccb4a004ec01329fbb0fbe6070a3f60063285 [64Bits] - {11111111-1111-1111-1111-110611321185} Orphan key
O2 - BHO: FoxPro [64Bits] - {598AC71E-BE58-3981-B78A-5C138F423AD6} . (...) -- C:\Users\c4\AppData\Roaming\VolIE\FoxPro_32.dll =>Trojan.Vonteera
[MD5.70516B1AF02E441076D114B513B248FB] [APT] [4CEFD9B73D6C-1CRMOI2] (...) -- C:\Users\c4\AppData\Roaming\ARHome\Updater.exe [187464] =>Trojan.Vonteera
[MD5.70516B1AF02E441076D114B513B248FB] [APT] [9A5A8340-6B15] (...) -- C:\Users\c4\AppData\Roaming\ARHome\Updater.exe [187464] =>Trojan.Vonteera
[MD5.00000000000000000000000000000000] [APT] [{245897B4-F052-4B0A-993C-53CE24767440}] (...) -- C:\Users\c4\AppData\Roaming\webssearches\UninstallManager.exe (.not file.) [0] =>Hijacker.WebsSearches
[HKCU\Software\ARHome] =>Trojan.Vonteera
[HKCU\Software\NoVooITSet] =>Trojan.Vonteera
[HKCU\Software\NoVooIT]
[HKCU\Software\Vonteera Safe ads] =>Trojan.Vonteera
[HKLM\Software\Wow6432Node\YourFileDownloader]
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
O43 - CFD: 15-Nov-14 - 7:49:59 PM - [] ----D C:\Program Files (x86)\Universal Updater
O43 - CFD: 21-Nov-14 - 6:47:03 PM - [] ----D C:\Users\c4\AppData\Roaming\ARHome =>Trojan.Vonteera
O43 - CFD: 21-Nov-14 - 6:47:07 PM - [] ----D C:\Users\c4\AppData\Roaming\VolIE =>Trojan.Vonteera
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598AC71E-BE58-3981-B78A-5C138F423AD6}] =>Trojan.Vonteera^
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185}] =>PUP.CrossRider
C:\Users\c4\AppData\Roaming\ARHome =>Trojan.Vonteera^
C:\Users\c4\AppData\Roaming\VolIE =>Trojan.Vonteera^
C:\Users\c4\AppData\Local\Installer =>Adware.InstallPedia
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Users\c4\AppData\Roaming\ARHome\Updater.exe =>Trojan.Vonteera^
[HKCU\Software\ARHome] =>Trojan.Vonteera^
[HKCU\Software\NoVooITSet] =>Trojan.Vonteera^
[HKCU\Software\Vonteera Safe ads] =>Trojan.Vonteera^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\Users\c4\AppData\Roaming\Mozilla\Firefox\Profiles\qrr4wk6e.default-1415993032286\prefs.js (.not file.)
O4 - HKLM\..\Run: [InstallerLauncher] C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe (.not file.)
O41 - Driver: (BAPIDRV) . (. - .) - C:\Windows\System32\DRIVERS\BAPIDRV64.sys (.not file.)
O51 - MPSK:{00d04816-a309-11e3-8252-806e6f6e6963}\AutoRun\command. (...) -- D:\CD_Start.exe (.not file.)
[MD5.B690184CD2C5D9FFAF2873EDCF306BA1] [SPRF][21-Nov-14] (...) -- C:\ProgramData\1416515000.bdinstall.bin [267641]
O51 - MPSK:{519119f3-3258-11e4-82b1-28e347ba10c1}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O2 - BHO: btorbit.com [64Bits] - {000123B4-9B42-4900-B3F7-F4B073EFC214} . (.Orbitdownloader.com - Orbitcth.) -- C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
O4 - GS\QuickLaunch [c4]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\c4\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" [Enabled] .(.Orbitdownloader.com.) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" [Enabled] .(.Orbitdownloader.com.) -- C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
O87 - FAEL: "{1918787B-0FDA-4972-A9DD-37988F134C48}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\c4\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{281EAC31-2321-4FF6-9A9D-528FCBB0E224}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\c4\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
[HKCU\Software\Softonic]
[HKCU\Software\Softonic]
[MD5.AB0C872B1FFE283D20C91C8E575E2F67] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\c4\AppData\Roaming\Dropbox\bin\Dropbox.exe [35419192] [PID.6872]
[HKCU\Software\AdsFix]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baidu]
HKLM\Software\AdsFix]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\AdsFix]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
O44 - LFC:[MD5.F2B7BA3BBC2E7DB9BFCC732458CBD1B7] - 21-Nov-14 - 2:14:14 AM ---A- . (...) -- C:\AdsFix_21_11_2014_02_14_16.txt [49901]
O43 - CFD: 29-Oct-14 - 8:50:42 AM - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 16-Nov-14 - 12:27:54 AM - [] ----D C:\Users\c4\AppData\Roaming\Baidu
O43 - CFD: 29-Oct-14 - 8:50:33 AM - [0] ----D C:\Users\c4\AppData\Roaming\Baidu Security
C:\Users\c4\Desktop\wrar52b2.MaZiKa2daY.CoM\wrar52b2\winrar.KEYGEN-FFF.zip =>.Crack,Keygen
C:\Users\c4\Dropbox\New folder\MyEgY.CoM_DLL-FiLe. Fixer_3.1.81.2877_By.MaHeR\DLL-FiLes Fixer 3.1.81.2877\Keygen\Activation.reg =>.Crack,Keygen
C:\Users\c4\Dropbox\New folder\MyEgY.CoM_DLL-FiLe. Fixer_3.1.81.2877_By.MaHeR\DLL-FiLes Fixer 3.1.81.2877\Keygen\Serials.txt =>.Crack,Keygen
C:\Users\c4\Desktop\wrar52b2.MaZiKa2daY.CoM\wrar52b2\winrar.KEYGEN-FFF.zip =>.Crack,Keygen
C:\Users\c4\Dropbox\New folder\MyEgY.CoM_DLL-FiLe. Fixer_3.1.81.2877_By.MaHeR\DLL-FiLes Fixer 3.1.81.2877\Keygen\Activation.reg =>.Crack,Keygen
C:\Users\c4\Dropbox\New folder\MyEgY.CoM_DLL-FiLe. Fixer_3.1.81.2877_By.MaHeR\DLL-FiLes Fixer 3.1.81.2877\Keygen\Serials.txt =>.Crack,Keygen
[MD5.2CDC3E88DD7117FFCE898B9B10BD7B19] [SPRF][21-Nov-14] (.No owner - AdsFix.) -- C:\Users\c4\Desktop\AdsFix.exe [2413056]
ShortcutFix
FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore