cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore

[MD5.3CB03C134F7307866B3C52735CDFAE76] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe [734208] =>Trojan.AutoKMS
[MD5.00000000000000000000000000000000] [APT] [{893E0636-B227-4AC4-AA41-CB06ADC2011C}] (...) -- C:\Users\anthony\AppData\Local\BeamriseUninstall\Bootstrapper{1.Y2VqPwRP.100}.exe (.not file.) [0] =>Hijacker.Beamrise
O39 - APT: AutoKMS - (...) -- C:\Windows\Tasks\AutoKMS.job [314] =>Hijacker.iHaveNet
O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [314] =>Trojan.AutoKMS
[HKCU\Software\Beamrise] =>Hijacker.Beamrise
O43 - CFD: 09/06/2013 - 19:12:46 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 12/03/2014 - 21:20:15 - [] ----D C:\Users\anthony\AppData\Roaming\nationzoom =>Hijacker.NationZoom
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\anthony\AppData\Roaming\nationzoom =>Hijacker.NationZoom^
C:\Windows\AutoKMS\AutoKMS.exe =>Trojan.AutoKMS^
C:\Windows\Tasks\AutoKMS.job =>Hijacker.iHaveNet^
C:\Windows\System32\Tasks\AutoKMS =>Trojan.AutoKMS^
[HKCU\Software\Beamrise] =>Hijacker.Beamrise^
C:\Windows\KMSEmulator.exe =>Hijacker.Windows
[HKCU\Software\ELIGCHK]
[HKCU\Software\TPUKey]
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKLM\..\Wow6432Node\Run: [vspdfprsrv.exe] . (.Visagesoft - PDF Pro 10 Creator.) -- C:\Program Files (x86)\PDF Pro 10\vspdfprsrv.exe
O4 - HKUS\S-1-5-21-605459465-3663228525-1435895634-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{41564952-412D-5637-00A7-7A786E7484D7} Cl� orpheline
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001Core] (.Facebook Inc..) -- C:\Users\anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001UA] (.Facebook Inc..) -- C:\Users\anthony\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.00000000000000000000000000000000] [APT] [{12807086-DAE9-4C5A-A9CC-E6968245EEF2}] (...) -- F:\Counter Strike 1.6 [Portable]\Counter Strike 1.6 [Portable].exe (.not file.) [0]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001Core.job [928]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001Core [928]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001UA.job [950]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-605459465-3663228525-1435895634-1001UA [950]
O61 - LFC: 06/10/2014 - 14:57:20 ---A- . (.Microsoft Corporation.) -- C:\Users\anthony\AppData\Local\Temp\is-7CCM0.tmp\_isetup\_shfoldr.dll [23312]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
[HKLM\Software\Wow6432Node\Software]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O61 - LFC: 06/10/2014 - 14:57:39 ---A- . (.Nullsoft.) -- C:\Users\anthony\Downloads\Adobe Acrobat Pro\Adobe Acrobat Pro.exe [12582912]
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O43 - CFD: 08/07/2013 - 11:43:56 - [] ----D C:\ProgramData\APN
O43 - CFD: 24/08/2014 - 20:40:27 - [0] ----D C:\Users\anthony\AppData\Local\CRE

Publicité


Signaler le contenu de ce document

Publicité