cjoint

Document format: text/plain

Preview

ZHPFix script

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.7.) (No version) -- (.not file.)
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [AntiWormUpdate] . (.AutoIt Team - AutoIt v3 Script.) -- C:\Google\AutoIt3.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\iteret\IDMan.exe
O4 - HKCU\..\Run: [AntiWormUpdate] . (.AutoIt Team - AutoIt v3 Script.) -- C:\Google\AutoIt3.exe
O4 - HKLM\..\policies\Explorer\Run: [] Orphan key
O4 - HKUS\S-1-5-21-3408654721-1949693855-3764176905-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\iteret\IDMan.exe
O4 - HKUS\S-1-5-21-3408654721-1949693855-3764176905-1000\..\Run: [AntiWormUpdate] . (.AutoIt Team - AutoIt v3 Script.) -- C:\Google\AutoIt3.exe
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - ???? Shim ?????? ?????? ??????????.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{17665475-0E92-40F4-B7C9-230DBF0775BC}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{42786EE9-87C2-4CEC-9430-263B496F5BB7}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DEA5596-D2BD-47CB-AD4C-5335E1CEF7F1}: NameServer = 8.8.8.8 193.251.169.165
O17 - HKLM\System\CCS\Services\Tcpip\..\{593AE481-E4DB-44E7-A7C7-86B7BFC4EC8B}: NameServer = 8.8.8.8 193.251.169.165
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1954F5E-94E1-45D7-987F-EA3F14784C8A}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCC2254D-34CB-409C-B21B-3F9882EFC205}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{17665475-0E92-40F4-B7C9-230DBF0775BC}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{42786EE9-87C2-4CEC-9430-263B496F5BB7}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{4DEA5596-D2BD-47CB-AD4C-5335E1CEF7F1}: NameServer = 8.8.8.8 193.251.169.165
O17 - HKLM\System\CS1\Services\Tcpip\..\{593AE481-E4DB-44E7-A7C7-86B7BFC4EC8B}: NameServer = 8.8.8.8 193.251.169.165
O17 - HKLM\System\CS1\Services\Tcpip\..\{F1954F5E-94E1-45D7-987F-EA3F14784C8A}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{FCC2254D-34CB-409C-B21B-3F9882EFC205}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{17665475-0E92-40F4-B7C9-230DBF0775BC}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{42786EE9-87C2-4CEC-9430-263B496F5BB7}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{4DEA5596-D2BD-47CB-AD4C-5335E1CEF7F1}: NameServer = 8.8.8.8 193.251.169.165
O17 - HKLM\System\CS2\Services\Tcpip\..\{593AE481-E4DB-44E7-A7C7-86B7BFC4EC8B}: NameServer = 8.8.8.8 193.251.169.165
O17 - HKLM\System\CS2\Services\Tcpip\..\{F1954F5E-94E1-45D7-987F-EA3F14784C8A}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{FCC2254D-34CB-409C-B21B-3F9882EFC205}: NameServer = 209.244.0.3 8.8.8.8
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.MyPCBackup
[HKCU\Software\Linkey] =>PUP.LinkeySearch
[HKCU\Software\?�??�?????��??�?�?���??�??�???]
[HKLM\Software\SupDp] =>PUP.SupTab
O43 - CFD: 3/1/2015 - 01:06:41 ? - [0] ----D C:\Program Files\Settings Manager =>PUP.SystemK
O43 - CFD: 2/25/2015 - 11:09:12 ? - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 2/10/2015 - 11:09:01 ? - [] ----D C:\Users\1987\AppData\Roaming\omiga-plus =>Hijacker.OmigaPlus
O43 - CFD: 3/1/2015 - 10:31:36 ? - [] ----D C:\Users\1987\AppData\Local\Temp
O51 - MPSK:{030a67bb-bcd2-11e4-b107-f23043b7cde7}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{527283f0-9b15-11e4-971d-92a35118dda1}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{527283fc-9b15-11e4-971d-f7679f5a722e}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{6214f592-9dbf-11e4-8d1f-f4effff09a17}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{ed27ba3f-9cf1-11e4-8bc6-cfbb666aba88}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O61 - LFC: 2/25/2015 - 10:33:39 ? ---A- . (...) -- C:\Users\1987\AppData\Local\Temp\nsxDCB2.tmp\InetBgDL.dll [37376]
O61 - LFC: 2/25/2015 - 10:33:39 ? ---A- . (...) -- C:\Users\1987\AppData\Local\Temp\nsxDCB2.tmp\System.dll [11264]
O61 - LFC: 2/25/2015 - 10:33:39 ? ---A- . (...) -- C:\Users\1987\AppData\Local\Temp\nsxDCB2.tmp\UAC.dll [18432]
O61 - LFC: 2/25/2015 - 10:33:39 ? ---A- . (...) -- C:\Users\1987\AppData\Local\Temp\nsxDCB2.tmp\download.exe [262144]
O61 - LFC: 2/25/2015 - 10:33:39 ? ---A- . (...) -- C:\Users\1987\AppData\Local\Temp\nsxDCB2.tmp\nsDialogs.dll [9728]
O61 - LFC: 2/24/2015 - 10:33:38 ? ---A- . (...) -- C:\Users\1987\AppData\Local\Temp\FBScanner_097676663\945114718834393.exe [749294]
O61 - LFC: 2/24/2015 - 10:33:38 ? ---A- . (...) -- C:\Users\1987\AppData\Local\Temp\FBScanner_097676663\ESET.exe [214112]
O61 - LFC: 2/27/2015 - 10:33:38 ? ---A- . (...) -- C:\Users\1987\AppData\Local\Temp\FBScanner_990650663\ESET.exe [197728]
O61 - LFC: 2/27/2015 - 10:33:38 ? ---A- . (...) -- C:\Users\1987\AppData\Local\Temp\msi49039.exe [2391869]
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} - (default-search.net) - http://www.default-search.net =>Hijacker.Browsers
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\DigiHelp_RASAPI32 =>PUP.DigiHelp
HKLM\SOFTWARE\Microsoft\Tracing\DigiHelp_RASMANCS =>PUP.DigiHelp
HKLM\SOFTWARE\Microsoft\Tracing\DigiHelp_Setup_RASAPI32 =>PUP.DigiHelp
HKLM\SOFTWARE\Microsoft\Tracing\DigiHelp_Setup_RASMANCS =>PUP.DigiHelp
HKLM\SOFTWARE\Microsoft\Tracing\updateDigiHelp_RASAPI32 =>PUP.DigiHelp
HKLM\SOFTWARE\Microsoft\Tracing\updateDigiHelp_RASMANCS =>PUP.DigiHelp
HKLM\SOFTWARE\Microsoft\Tracing\utilDigiHelp_RASAPI32 =>PUP.DigiHelp
HKLM\SOFTWARE\Microsoft\Tracing\utilDigiHelp_RASMANCS =>PUP.DigiHelp
[HKCR\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}] (SmdmF Module) =>PUP.SystemK
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}] =>Adware.Bandoo^
C:\Program Files\Settings Manager =>PUP.SystemK^
C:\Users\1987\AppData\Roaming\omiga-plus =>Hijacker.OmigaPlus^
C:\Users\1987\AppData\Roaming\RHEng =>PUP.Conduit^
[HKCU\Software\Linkey] =>PUP.LinkeySearch^
[HKLM\Software\SupDp] =>PUP.SupTab^
[HKCR\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}] (SmdmF Module) =>PUP.SystemK^

FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore
