cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix


[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}] =>PUP.GreenTreeApp^
C:\Program Files\GreenTree Applications =>PUP.GreenTreeApp^
C:\ProgramData\Microsoft Toolkit =>Trojan.AutoKMS^
[HKCU\Software\GreenTree Applications] =>PUP.GreenTreeApp^
O61 - LFC: 15-03-2015 - 16:18:57 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\333C2580-FC184400-CD4D2200-6BA0DC00\Mf8s9TOUGQAfE.exe [7154944]
O61 - LFC: 15-03-2015 - 16:18:57 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\333C2580-FC184400-CD4D2200-6BA0DC00\UG6rIdOFanH.exe [2133360]
O61 - LFC: 15-03-2015 - 16:18:57 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\333C2580-FC184400-CD4D2200-6BA0DC00\sS2QUNDM1MJ.exe [477144]
O61 - LFC: 15-03-2015 - 16:18:57 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\333C2580-FC184400-CD4D2200-6BA0DC00\x8ORxDqf3GZDU.exe [440576]
O61 - LFC: 15-03-2015 - 16:18:57 ---A- . (.Doctor Web, Ltd..) -- C:\Users\admin\AppData\Local\Temp\333C2580-FC184400-CD4D2200-6BA0DC00\OekugUEDCCT1.dll [1901128]
O61 - LFC: 15-03-2015 - 16:18:57 ---A- . (.Doctor Web, Ltd..) -- C:\Users\admin\AppData\Local\Temp\333C2580-FC184400-CD4D2200-6BA0DC00\QQKa0zkTNj5XvOi.dll [4589872]
O61 - LFC: 15-03-2015 - 16:18:57 ---A- . (.Doctor Web, Ltd..) -- C:\Users\admin\AppData\Local\Temp\333C2580-FC184400-CD4D2200-6BA0DC00\wGdI2xf1Bo.dll [1516920]
O61 - LFC: 15-03-2015 - 16:18:58 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\ir_ext_temp_0\autorun.exe [6426112]
O61 - LFC: 15-03-2015 - 16:18:58 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\ir_ext_temp_1\autorun.exe [6426112]
O61 - LFC: 14-03-2015 - 16:18:57 ---A- . (.Piriform Ltd.) -- C:\Users\admin\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\ccsetup503pro.exe [5325352]
O61 - LFC: 14-03-2015 - 16:18:58 ---A- . (.Piriform Ltd.) -- C:\Users\admin\AppData\Local\Temp\ir_ext_temp_1\AutoPlay\Docs\ccsetup503pro.exe [5325352]
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O44 - LFC:[MD5.8B5EF08BE91FB2F34D36592889A77B6E] - 16-03-2015 - 7:14:29 ---A- . (...) -- C:\Windows\ntbtlog.txt [425550]
O43 - CFD: 06-03-2015 - 16:17:10 - [] ----D C:\ProgramData\Microsoft Toolkit =>Trojan.AutoKMS
[HKCU\Software\GreenTree Applications] =>PUP.GreenTreeApp
O42 - Logiciel: YTD Video Downloader 4.8.9 - (.GreenTree Applications SRL.) [HKLM] -- {1a413f37-ed88-4fec-9666-5c48dc4b7bb7} =>PUP.GreenTreeApp
O17 - HKLM\System\CCS\Services\Tcpip\..\{F415481E-492A-48F6-BAD9-5D6E396A5D55}: NameServer = 8.8.8.8 41.214.140.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{49E39078-9106-4BDC-978A-A869184D7197}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F415481E-492A-48F6-BAD9-5D6E396A5D55}: NameServer = 8.8.8.8 41.214.140.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{49E39078-9106-4BDC-978A-A869184D7197}: DhcpNameServer = 192.168.1.1
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d�affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O4 - GS\Desktop [Public]: YTD Video Downloader.lnk . (.GreenTree Applications SRL - YTD Video Downloader.) -- C:\Program Files\GreenTree Applications\YTD Video Downloader\ytd.exe =>PUP.GreenTreeApp


FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore

Publicité


Signaler le contenu de ce document

Publicité