Format du document : text/plain
Prévisualisation
Script zhpfix
[HKCU\Software\Pando Networks]
[HKLM\Software\Pando Networks]
O43 - CFD: 04/11/2013 - 07:45:06 - [7,182] ----D C:\Program Files\Pando Networks
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
M2 - MFEP: prefs.js [Ferrero - sk5jm58a.default\{9473F86A-8CD2-0C01-CF9E-946854F63D87}] [] Ask New Tabs v5.0.0.11465 (..)
P2 - FPN: [HKCU] [@tightropeinteractive.com/Plugin] - (.Search.Us.com - npAPI Plugin.) -- C:\Users\Ferrero\AppData\Local\TNT2\2.0.0.1599\npTNT2.dll =>PUP.StartSearch
P2 - FPN: [HKCU] [@tnt2ghost.com/Plugin] - (.Search.Us.com - npAPI Ghost Plugin.) -- C:\Users\Ferrero\AppData\Local\TNT2\2.0.0.1599\npTNT2ghost.dll =>PUP.StartSearch
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Pando Networks - Pando Web Plugin.) (No version) -- (.not file.)
O2 - BHO: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} . (...) -- C:\PROGRA~1\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll (.not file.) =>PUP.MoviesToolbar
O2 - BHO: Ask Toolbar BHO - {4F524A2D-5637-006A-76A7-7A786E7484D7} . (...) -- "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll" (.not file.) =>Toolbar.Ask
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (...) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll =>Toolbar.Google
O3 - Toolbar: &Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (...) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll =>Toolbar.Google
O3 - Toolbar: Ask Toolbar - [HKLM]{4F524A2D-5637-006A-76A7-7A786E7484D7} . (...) -- C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-V7\Passport.dll =>Toolbar.Ask
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Cl� orpheline
O9 - Extra button: Console Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Cl� orpheline
O20 - AppInit_DLLs: . (...) - C:\Program Files\MOVIES~1\SAFETY~1\SAFETY~2.dll (.not file.)
O23 - Service: SafetyNut Manager (SafetyNutManager2) . (...) - C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe (.not file.) =>PUP.MoviesToolbar
O23 - Service: Util LinkSwift (Util LinkSwift) . (...) - C:\Program Files\LinkSwift\bin\utilLinkSwift.exe (.not file.) =>PUP.LinkSwift
O36 - AppCertDlls: (x64) . (...) -- c:\program files\movies toolbar\safetynut\x64\safetycrt.dll =>PUP.MoviesToolbar
O36 - AppCertDlls: (x86) . (...) -- c:\program files\movies toolbar\safetynut\safetycrt.dll =>PUP.MoviesToolbar
O42 - Logiciel: Search.us.com - (.Search.us.com.) [HKCU] -- {55FD4ACD-A4E6-4A7D-9799-CA3594A0651A} =>PUP.StartSearch
[HKLM\Software\Better Surf Plus]
[HKLM\Software\Better-Surf] =>PUP.BetterSurf
[HKLM\Software\BetterSurf] =>PUP.BetterSurf
[HKLM\Software\CoolPic] =>Adware.Incredibar
O43 - CFD: 30/10/2013 - 09:37:46 - [8,583] ----D C:\Program Files\CoolPic =>Adware.Incredibar
O43 - CFD: 30/10/2013 - 08:49:14 - [0,180] ----D C:\Program Files\V-bates =>Adware.Incredibar
O43 - CFD: 30/10/2013 - 09:39:25 - [0] ----D C:\Users\Ferrero\AppData\Local\ElectroLyrics-16 =>Adware.AddLyrics
O69 - SBI: SearchScopes [HKCU] {0E93C76A-E7DB-4690-BD5A-90D1A50190E7} - (Yahoo!) - http://search.yahoo.com
O87 - FAEL: "{AADCBA23-C1F9-4A16-8412-CBA089D27645}" |In - None - P6 - TRUE | .(...) -- C:\Program Files\WinZip Driver Updater\winzipdu.exe (.not file.)
O87 - FAEL: "{0A175A53-4697-46B5-BEF8-E90DB9EC95FB}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Movies Toolbar\SafetyNut\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.MoviesToolbar
O87 - FAEL: "{EE66F4C2-CC2B-4349-824A-61CE4D84212B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Movies Toolbar\SafetyNut\SRTOOL~1\IE\dtUser.exe (.not file.) =>PUP.MoviesToolbar
O87 - FAEL: "{E0FFEAD5-012A-466D-80B3-2BB48A173BC4}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
O90 - PUC: "D2A425F47365A600677A7A857BC06000" . (.Ask Toolbar.) -- C:\Windows\Installer\{4F524A2D-5637-006A-76A7-A758B70C0600}\ToolbarIcon.exe =>Toolbar.Ask
[MD5.D57323DC36D85DBA08AA4D2FCA44C674] [WIS][19/10/2013] (.APN, LLC - Ask Toolbar.) -- C:\Windows\Installer\113252.msi [461312] =>Toolbar.Ask
[MD5.9B5C4F545C6E7502A9B6F3DA900C6333] [WIS][11/06/2013] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\6c187.msi [23040] =>Toolbar.Google
SS - | Auto 10/07/1658 0 | (SafetyNutManager2) . (...) - C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe =>PUP.MoviesToolbar
SS - | Auto 10/07/1658 0 | (Util LinkSwift) . (...) - C:\Program Files\LinkSwift\bin\utilLinkSwift.exe =>PUP.LinkSwift
SS - | Disabled 07/10/2013 188760 | (V-bates Updater) . (...) - C:\Program Files\V-bates\ExtensionUpdaterService.exe =>Adware.Incredibar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}] =>PUP.MoviesToolbar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^
[HKLM\SYSTEM\CurrentControlSet\Services\SafetyNutManager2] =>PUP.MoviesToolbar^
[HKLM\SYSTEM\CurrentControlSet\Services\Util LinkSwift] =>PUP.LinkSwift^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{55FD4ACD-A4E6-4A7D-9799-CA3594A0651A}] =>PUP.StartSearch^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
C:\Program Files\CoolPic =>Adware.Incredibar^
C:\Program Files\V-bates =>Adware.Incredibar^
C:\Users\Ferrero\AppData\Local\ElectroLyrics-16 =>Adware.AddLyrics^
C:\Users\Ferrero\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa =>Spyware.SmartDisplay
[HKLM\Software\Better-Surf] =>PUP.BetterSurf^
[HKLM\Software\BetterSurf] =>PUP.BetterSurf^
[HKLM\Software\CoolPic] =>Adware.Incredibar^
[HKLM\Software\V-bates] =>Adware.Incredibar^
C:\Windows\Installer\113252.msi =>Toolbar.Ask^
C:\Windows\Installer\6c187.msi =>Toolbar.Google^
Emptytemp
emptyflash