cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPfix

[MD5.E252E8EDB828F061EA2BF2248B195CE4] - (.Pay By Ads LTD - Pas de description.) -- C:\Users\mcd\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrsetup.exe [451840] [PID.6916] =>PUP.PaybyAds
[MD5.8F077A6AF516CB1C0DDF798DAA23058B] - (.Pay By Ads LTD - Pas de description.) -- C:\Users\mcd\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [644352] [PID.6652] =>PUP.PaybyAds
G1 - GCS: Preference [User Data\Default] http://rts.dsrlte.com =>PUP.PaybyAds
G0 - GCSP: Preference [User Data\Default][StartupURLs] http://rts.dsrlte.com =>PUP.PaybyAds
G0 - GCSP: Preference [User Data\Default] http://rts.dsrlte.com =>PUP.PaybyAds
G2 - GCE: Preference [User Data\Default] [cipdeialncdnhgdecdaehdmeipfcnkga] Search.us Home v.2.0.0.1663, (Activé) =>PUP.StartSearch
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.1 (Activé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé) =>PUP.Manager
G2 - GCE: Preference [User Data\Default] [japljgkmfjkdodonkefhknmmdbgakcia] Search.us Search v.2.0.0.1663, (Activé) =>Adware.Bandoo
G2 - EXT: C:\Users\mcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipdeialncdnhgdecdaehdmeipfcnkga [Search.us Home] =>PUP.StartSearch
G2 - EXT: C:\Users\mcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [Delta Toolbar] =>Toolbar.DeltaSearch
G2 - EXT: C:\Users\mcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\japljgkmfjkdodonkefhknmmdbgakcia [Search.us Search] =>Adware.Bandoo
M3 - MFPP: Plugins - [mcd] -- C:\Users\mcd\AppData\Roaming\Mozilla\Firefox\Profiles\3uj2hmy5.default\searchplugins\conduit-search-1.xml =>Toolbar.Conduit
M3 - MFPP: Plugins - [mcd] -- C:\Users\mcd\AppData\Roaming\Mozilla\Firefox\Profiles\3uj2hmy5.default\searchplugins\conduit-search.xml =>Toolbar.Conduit
M3 - MFPP: Plugins - [mcd] -- C:\Users\mcd\AppData\Roaming\Mozilla\Firefox\Profiles\3uj2hmy5.default\searchplugins\keepmysearch.xml =>Adware.MyWebSearch
M2 - MFEP: prefs.js [mcd - 3uj2hmy5.default\x@XZap.net] [] unaisaloEs v2.0 (..) =>PUP.UniSales
M2 - MFEP: Extension [mcd - 3uj2hmy5.default] plugin@yontoo.com.xpi =>Adware.Yontoo
M2 - MFEP: Extension [mcd - 3uj2hmy5.default] putlockerdownloader3@putlockerdownloader.com.xpi =>Spyware.PutLocker
M2 - MFEP: Extension [mcd - 3uj2hmy5.default] support@super-hide-ip.com.xpi
M2 - MFEP: Extension [mcd - 3uj2hmy5.default] unseen@tangrs.xpi
M2 - MFEP: Extension [mcd - 3uj2hmy5.default] x@XZap.net
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (...) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll (.not file.)
P2 - FPN: [HKCU] [@tightropeinteractive.com/Plugin] - (.Search.Us.com - npAPI Plugin.) -- C:\Users\mcd\AppData\Local\TNT2\2.0.0.1663\npTNT2.dll =>PUP.StartSearch
P2 - FPN: [HKCU] [@tnt2ghost.com/Plugin] - (.Search.Us.com - npAPI Ghost Plugin.) -- C:\Users\mcd\AppData\Local\TNT2\2.0.0.1663\npTNT2ghost.dll =>PUP.StartSearch
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com =>PUP.PaybyAds
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.brothersoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.us.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://search.us.com =>PUP.StartSearch
O2 - BHO: TheSea.TheSeaPlugin [64Bits] - {C585D593-E7F3-4852-A200-561686EE02E4} . (...) -- mscoree.dll (.not file.)
O2 - BHO: (no name) [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} Clé orpheline
O2 - BHO: (no name) [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} Clé orpheline
O2 - BHO: (no name) [64Bits] - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} Clé orpheline
O4 - GS\QuickLaunch [mcd]: StormFall.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://plarium.com =>Adware.StormFall
O4 - GS\QuickLaunch [mcd]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\mcd\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O20 - AppInit_DLLs: . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll =>PUP.SearchProtect
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[MD5.206665BA5958214BA239D7831FFD18FF] [APT] [dlclient Updater] (.Pay By Ads LTD.) -- C:\Users\mcd\AppData\Local\delta\delta\1.3.23.0\dlsetup.exe [471320]
[MD5.F64487396AB10165DC80BC15CF854D31] [APT] [EPUpdater] (...) -- C:\Users\mcd\AppData\Roaming\BabSolution\Shared\BabMaint.exe [10320] =>Hijacker.BabSolution
[MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0] =>P2P.GoforFiles
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.B59AFB423CAFA8283804B17EAE08E097] [APT] [LaunchPreSignup] (...) -- C:\Program Files (x86)\OLBPre\OLBPre.exe [2468352] =>PUP.MyPCBackup
[MD5.8F077A6AF516CB1C0DDF798DAA23058B] [APT] [Yahoo! Search] (.Pay By Ads LTD.) -- C:\Users\mcd\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [644352] =>PUP.PaybyAds
[MD5.E252E8EDB828F061EA2BF2248B195CE4] [APT] [Yahoo! Search Updater] (.Pay By Ads LTD.) -- C:\Users\mcd\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrsetup.exe [451840] =>PUP.PaybyAds
[MD5.00000000000000000000000000000000] [APT] [{194F9DE2-2001-4046-9AE0-F83534B1C523}] (...) -- C:\Users\mcd\Downloads\Programs\Install_CopyTrans_Suite.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{82616EF5-ADE4-480C-A649-4DE4FA77FCE3}] (...) -- C:\Users\mcd\Downloads\startuplite-setup-1.07.exe (.not file.) [0]
O42 - Logiciel: Delta Chrome Toolbar - (.Visual Tools.) [HKLM][64Bits] -- Delta Chrome Toolbar =>Toolbar.DeltaSearch
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM][64Bits] -- delta =>Toolbar.DeltaSearch
O42 - Logiciel: Search Protect - (.Conduit.) [HKLM][64Bits] -- SearchProtect =>PUP.SearchProtect
O42 - Logiciel: Search.us.com - (.Search.us.com.) [HKCU][64Bits] -- {9F5935E7-7660-47EF-8BC1-5C2DC196B3C3} =>PUP.StartSearch
O42 - Logiciel: Search.us.com - (.Search.us.com.) [HKCU][64Bits] -- {D8D934B6-AA3D-4929-99C7-29DA799C76FC} =>PUP.StartSearch
O42 - Logiciel: StormFall - (.StormFall.) [HKCU][64Bits] -- StormFall =>Adware.StormFall
O42 - Logiciel: The Sea App (Internet Explorer) - (.Growth Systems, LLC.) [HKLM][64Bits] -- The Sea App =>Adware.TheSeaApp
O42 - Logiciel: Yahoo! Search - (.Pay-By-Ads.) [HKCU][64Bits] -- Yahoo! Search =>PUP.PaybyAds
O42 - Logiciel: diamondata 3.0.0 - (.diamondata.) [HKLM][64Bits] -- diamondata =>Hijacker.Diamondata
O42 - Logiciel: unaisaloEs - (...) [HKLM][64Bits] -- {4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} =>PUP.UniSales
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BitTorrent] =>P2P.BitTorren
[HKCU\Software\GoforFiles] =>P2P.GoforFiles
[HKCU\Software\ProductSetup] =>Adware.InstallCore
[HKCU\Software\TNT2] =>Adware.TidyNetwork
[HKCU\Software\The Sea App] =>Adware.TheSeaApp
[HKCU\Software\YourFileDownloader] =>PUP.YourFileDownloader
[HKCU\Software\diamondata] =>Hijacker.Diamondata
[HKLM\Software\Wow6432Node\GoforFiles] =>P2P.GoforFiles
[HKLM\Software\Wow6432Node\StartNow Toolbar] =>Adware.Zugo
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia
[HKLM\Software\Wow6432Node\diamondata] =>Hijacker.Diamondata
O43 - CFD: 09/08/2014 - 14:47:10 - [] ----D C:\Program Files (x86)\diamondata =>Hijacker.Diamondata
O43 - CFD: 22/10/2013 - 20:45:26 - [] ----D C:\Program Files (x86)\SearchProtect =>PUP.SearchProtect
O43 - CFD: 07/09/2013 - 00:18:30 - [] ----D C:\Program Files (x86)\The Sea App (Internet Explorer) =>Adware.TheSeaApp
O43 - CFD: 14/01/2015 - 00:08:17 - [] ----D C:\Program Files (x86)\unaisaloEs =>PUP.UniSales
O43 - CFD: 07/09/2013 - 00:28:09 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 11/06/2015 - 23:04:40 - [] ----D C:\ProgramData\ldlajliohkfhfbgogaoiijhbiambpnlc
O43 - CFD: 07/09/2013 - 00:28:47 - [] ----D C:\Users\mcd\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 07/09/2013 - 00:28:12 - [] ----D C:\Users\mcd\AppData\Roaming\GoforFiles =>P2P.GoforFiles
O43 - CFD: 10/05/2013 - 10:56:16 - [0] ----D C:\Users\mcd\AppData\Roaming\PerformerSoft =>PUP.PerformerSoft
O43 - CFD: 12/06/2015 - 20:51:47 - [] ----D C:\Users\mcd\AppData\Roaming\StormFall =>Adware.StormFall
O43 - CFD: 23/06/2015 - 02:26:27 - [] ----D C:\Users\mcd\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 14/06/2014 - 11:58:12 - [] ----D C:\Users\mcd\AppData\Local\Pay-By-Ads =>PUP.PaybyAds
O43 - CFD: 10/08/2013 - 09:19:56 - [] ----D C:\Users\mcd\AppData\Local\SearchProtect =>PUP.SearchProtect
O43 - CFD: 12/06/2015 - 20:51:44 - [0] ----D C:\Users\mcd\AppData\Local\StormFall =>Adware.StormFall
O43 - CFD: 23/10/2013 - 19:31:43 - [] ----D C:\Users\mcd\AppData\Local\TNT2 =>Adware.TidyNetwork
O43 - CFD: 12/06/2015 - 20:51:48 - [] ----D C:\Users\mcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall =>Adware.StormFall
O45 - LFCP:[MD5.EA795954E42310693DD70A3000368392] - 23/06/2015 - 16:57:01 ---A- - C:\Windows\Prefetch\BABMAINT.EXE-8AB5B660.pf =>Hijacker.BabSolution
O45 - LFCP:[MD5.BD0825CD8D324A09923D87680039C879] - 14/05/2015 - 10:02:31 ---A- - C:\Windows\Prefetch\BABMAINT.EXE-AEF83788.pf =>Hijacker.BabSolution
O45 - LFCP:[MD5.4A843EC17F6FA3BFD31A990FC76D32B3] - 27/05/2015 - 18:41:24 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-4B7343DF.pf =>P2P.µTorrent
O53 - SMSR:HKLM\...\startupreg\CLMLServer [Key] . (...) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (...) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Overwolf [Key] . (...) -- C:\Program Files (x86)\Overwolf\Overwolf.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\mcd\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O53 - SMSR:HKLM\...\startupreg\Yahoo! Search [Key] . (.Pay By Ads LTD - Pas de description.) -- C:\Users\mcd\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe =>PUP.PaybyAds
O67 - Shell Spawning: <.js> [HKCU\..\open\Command] (.Not Key.)
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.admin", false); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.dfltLng", "en"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.id", "b031937b000000000000f46d04852ee7"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.instlDay", "15627"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.tlbrId", "tb9"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=b031937b000000000000f46d04852e[...] =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.718:46:34"); =>PUP.Babylon
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.id", "b031937b000000000000f46d04852ee7");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.instlDay", "15755");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.vrsnTs", "1.8.10.021:29:48");
O69 - SBI: prefs.js [mcd - 3uj2hmy5.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
O69 - SBI: SearchScopes [HKCU] 8A88BF511E98444EA40F53229121F7FA - (Search.us) - http://search.us.com =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web) - http://www.searchgol.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {251958BF-45FF-4949-94E2-577BD255B046} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {722823F3-700A-4E41-AE5D-1FECDC00B37C} - (Yahoo! Search) - http://rts.dsrlte.com =>PUP.PaybyAds
O69 - SBI: SearchScopes [HKCU] {A1756BCA-8636-450D-A9A4-958DEDE612D5} - (Yahoo!) - http://search.yahoo.com
C:\Users\mcd\Desktop\Hack\BackTrack 5 R3\VMware.Workstation.v8.0.0.471780.Incl.Keymaker-ZWT\keygen.exe =>.Crack,Keygen
C:\Users\mcd\Desktop\Hack\BackTrack 5 R3\VMware.Workstation.v8.0.0.471780.Incl.Keymaker-ZWT\keygen.exe =>.Crack,Keygen
O87 - FAEL: "{A7BFCF00-D067-43F6-9089-5D942320270D}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\mcd\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{4CB15E18-0792-404B-BBFA-9B9906D79F91}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\mcd\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
[MD5.35C918348CBB0877BCD5A3CF24C13761] [WIS][25/11/2012] (.DeltaInstaller - Delta Chrome Toolbar.) -- C:\Windows\Installer\78f54e.msi [573440] =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Microsoft\Tracing\updatediamondata_RASAPI32 =>Hijacker.Diamondata
HKLM\SOFTWARE\Microsoft\Tracing\updatediamondata_RASMANCS =>Hijacker.Diamondata
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32 =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FunmoodsSetup_RASAPI32 =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FunmoodsSetup_RASMANCS =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCPerformer_RASAPI32 =>PUP.PerformerSoft
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCPerformer_RASMANCS =>PUP.PerformerSoft
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PutLockerDownloader_RASAPI32 =>Spyware.PutLocker
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PutLockerDownloader_RASMANCS =>Spyware.PutLocker
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_le-conjugueur_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_le-conjugueur_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\startnow_RASAPI32 =>Adware.Zugo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\startnow_RASMANCS =>Adware.Zugo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatediamondata_RASAPI32 =>Hijacker.Diamondata
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatediamondata_RASMANCS =>Hijacker.Diamondata
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utildiamondata_RASAPI32 =>Hijacker.Diamondata
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utildiamondata_RASMANCS =>Hijacker.Diamondata
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-02F0_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-02F0_RASMANCS =>Adware.Yontoo
[HKLM\Software\Google\Chrome\Extensions\cipdeialncdnhgdecdaehdmeipfcnkga] =>PUP.StartSearch^
[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\flpcjncodpafbgdpnkljologafpionhb] =>PUP.Manager^
[HKLM\Software\Google\Chrome\Extensions\japljgkmfjkdodonkefhknmmdbgakcia] =>Adware.Bandoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar] =>Toolbar.DeltaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\delta] =>Toolbar.DeltaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.SearchProtect^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9F5935E7-7660-47EF-8BC1-5C2DC196B3C3}] =>PUP.StartSearch^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D8D934B6-AA3D-4929-99C7-29DA799C76FC}] =>PUP.StartSearch^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\StormFall] =>Adware.StormFall^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\The Sea App] =>Adware.TheSeaApp^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search] =>PUP.PaybyAds^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\diamondata] =>Hijacker.Diamondata^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}] =>PUP.UniSales^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Yahoo! Search] =>PUP.PaybyAds^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Toolbar.Ask&Record
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Toolbar.Ask&Record
[HKLM\Software\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Toolbar.Ask&Record
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] =>Toolbar.Ask&Record
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
C:\Users\mcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipdeialncdnhgdecdaehdmeipfcnkga =>PUP.StartSearch^
C:\Users\mcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\mcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\flpcjncodpafbgdpnkljologafpionhb =>PUP.Manager^
C:\Users\mcd\AppData\Local\Google\Chrome\User Data\Default\Extensions\japljgkmfjkdodonkefhknmmdbgakcia =>Adware.Bandoo^
C:\Users\mcd\AppData\Roaming\Mozilla\Firefox\Profiles\3uj2hmy5.default\extensions\x@XZap.net =>PUP.UniSales^
C:\Program Files (x86)\diamondata =>Hijacker.Diamondata^
C:\Program Files (x86)\OLBPre =>PUP.MyPCBackup^
C:\Program Files (x86)\SearchProtect =>PUP.SearchProtect^
C:\Program Files (x86)\The Sea App (Internet Explorer) =>Adware.TheSeaApp^
C:\Program Files (x86)\unaisaloEs =>PUP.UniSales^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\Users\mcd\AppData\Roaming\BabSolution =>Hijacker.BabSolution^
C:\Users\mcd\AppData\Roaming\GoforFiles =>P2P.GoforFiles^
C:\Users\mcd\AppData\Roaming\PerformerSoft =>PUP.PerformerSoft^
C:\Users\mcd\AppData\Roaming\StormFall =>Adware.StormFall^
C:\Users\mcd\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\mcd\AppData\Local\Pay-By-Ads =>PUP.PaybyAds^
C:\Users\mcd\AppData\Local\SearchProtect =>PUP.SearchProtect^
C:\Users\mcd\AppData\Local\StormFall =>Adware.StormFall^
C:\Users\mcd\AppData\Local\TNT2 =>Adware.TidyNetwork^
C:\Users\mcd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall =>Adware.StormFall^
C:\Users\mcd\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrsetup.exe =>PUP.PaybyAds^
C:\Users\mcd\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe =>PUP.PaybyAds^
C:\Users\mcd\AppData\Roaming\Mozilla\Firefox\Profiles\3uj2hmy5.default\Extensions\plugin@yontoo.com.xpi =>Adware.Yontoo^
C:\Users\mcd\AppData\Roaming\Mozilla\Firefox\Profiles\3uj2hmy5.default\Extensions\putlockerdownloader3@putlockerdownloader.com.xpi =>Spyware.PutLocker^
C:\Users\mcd\AppData\Roaming\BabSolution\Shared\BabMaint.exe =>Hijacker.BabSolution^
C:\Program Files (x86)\OLBPre\OLBPre.exe =>PUP.MyPCBackup^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\GoforFiles] =>P2P.GoforFiles^
[HKCU\Software\ProductSetup] =>Adware.InstallCore^
[HKCU\Software\TNT2] =>Adware.TidyNetwork^
[HKCU\Software\The Sea App] =>Adware.TheSeaApp^
[HKCU\Software\YourFileDownloader] =>PUP.YourFileDownloader^
[HKCU\Software\diamondata] =>Hijacker.Diamondata^
[HKLM\Software\Wow6432Node\GoforFiles] =>P2P.GoforFiles^
[HKLM\Software\Wow6432Node\StartNow Toolbar] =>Adware.Zugo^
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia^
[HKLM\Software\Wow6432Node\diamondata] =>Hijacker.Diamondata^
C:\Windows\Installer\78f54e.msi =>Toolbar.DeltaSearch


FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore

Publicité


Signaler le contenu de ce document

Publicité