cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþScript ZHPFix
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: Modified
G0 - GCSP: Preference [User Data\Default] http://www.nationzoom.com =>Hijacker.NationZoom
M2 - MFEP: prefs.js [Alain Principal - xcz5zuv8.default\0efc9c38-1ec7-49ed-8915-53a48b6b7600@e7f17679-2a42-4659-83c5-7ba961fdf75a.com] [] Feven 1.7 v (..) =>PUP.CrossRider
M2 - MFEP: prefs.js [Alain Principal - xcz5zuv8.default\savingsslider@mybrowserbar.com] [] Slick Savings v2.8 (..) =>PUP.Dealio
O4 - GS\Desktop [Public]: Foxmail.lnk . (.Tencent Inc. - Foxmail 7.1.) -- C:\Foxmail 7.1\Foxmail.exe =>Adware.TencentAddressBar
O4 - GS\QuickLaunch [Alain Principal]: Foxmail.lnk . (.Tencent Inc. - Foxmail 7.1.) -- C:\Foxmail 7.1\Foxmail.exe =>Adware.TencentAddressBar
O4 - GS\SendTo [Alain Principal]: Foxmail.LNK . (.Tencent Inc. - Foxmail 7.1.) -- C:\Foxmail 7.1\Foxmail.exe =>Adware.TencentAddressBar
O23 - Service: Service KMSELDI (Service KMSELDI) . (.Pas de propriétaire - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUP.KMSpico
[MD5.D4F602B1F775B5827932D3C5B04A3FD2] [APT] [AutoKMS] (...) -- C:\WINDOWS\AutoKMS\AutoKMS.exe [3372032] =>Trojan.Trojan.Keygen
[MD5.C63F33ACD45A7620E8FC678A585D18AF] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [508416] =>PUP.KMSpico
O41 - Driver: (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\WINDOWS\system32\drivers\BprotectEx.sys =>Adware.BDSearch
O42 - Logiciel: Duuqu Update Helper - (.Duuqu Group.) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Duuqu
O42 - Logiciel: IObit Apps Toolbar v8.2 - (.Spigot, Inc..) [HKLM][64Bits] -- {45F267AE-311F-43E2-BDAA-00D059B93BF9} =>PUP.Dealio
O42 - Logiciel: KMSpico 8.6 - (...) [HKLM][64Bits] -- KMSpico v8.6_is1 =>PUP.KMSpico
O42 - Logiciel: Snap.Do - (.ReSoft Ltd..) [HKLM][64Bits] -- {88F1349A-4F67-4DC4-9F09-F4C46323632A} =>Hijacker.SmartBar
O42 - Logiciel: oPlayer - (.object.) [HKLM][64Bits] -- {AA1B7F27-A49D-4D7F-9755-570AF5597160}
[HKCU\Software\AppDataLow\Software\IObit Apps]
[HKCU\Software\AppDataLow\Software\Slick Savings] =>PUP.Dealio
[HKCU\Software\Baidu Security] =>Adware.BDSearch
[HKCU\Software\IObit Apps]
[HKCU\Software\Tasksgr] =>Trojan.Trojan.Tasksgr
[HKLM\Software\Wow6432Node\IObit Apps]
O43 - CFD: 24/09/2013 - 11:44:21 - [2,840] ----D C:\Program Files (x86)\Baidu Security =>Adware.BDSearch
O43 - CFD: 24/09/2013 - 11:45:48 - [0,047] ----D C:\ProgramData\Baidu Security =>Adware.BDSearch
O43 - CFD: 24/09/2013 - 11:45:54 - [0,001] ----D C:\Users\Alain Principal\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 07/09/2013 - 06:22:36 - [0,001] ----D C:\Users\Alain Principal\AppData\Local\Windows_Development_Inc
O43 - CFD: 30/07/2013 - 06:42:52 - [0,003] ----D C:\Users\Alain Principal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter
O58 - SDL:[MD5.E5A08471997E00C1D761021B26925103] - 03/09/2013 - 13:10:00 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [78144] =>Adware.BDSearch
O68 - StartMenuInternet: <Chromium.3O6IXUGQ6G75XVLIZKZAXB4K24> <Chromium>[HKLM\..\Shell\open\Command] (...) -- C:\Users\Alain Principal\AppData\Local\Chromium\Application\chrome.exe" http://www.nationzoom.com =>Hijacker.NationZoom
O90 - PUC: "098CCE33084C42149BB5AB630E521B02" . (.FrameFox Extensions 1.0.7.0.) -- C:\WINDOWS\Installer\{33ECC890-C480-4124-B95B-BA36E025B120}\FrameFox.ico =>PUP.FrameFox
O90 - PUC: "EA762F54F1132E34DBAA000D959BB39F" . (.IObit Apps Toolbar v8.2.) -- C:\WINDOWS\Installer\{45F267AE-311F-43E2-BDAA-00D059B93BF9}\ARPPRODUCTICON.exe =>PUP.Dealio
[MD5.5FF2B0F7835519063800D9F2DB535131] [WIS][22/08/2013] (.QwertyBox Team - FrameFox Extensions 1.0.7.0 Setup.) -- C:\Windows\Installer\1567c033.msi [417792] =>PUP.FrameFox
[MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\172581a.msi [353280] =>PUP.Babylon
[MD5.C13388A1D0EB8A495C7014805AE236EF] [WIS][19/11/2013] (.Duuqu Group - Duuqu Update Helper.) -- C:\Windows\Installer\1cf2534.msi [45056] =>PUP.Duuqu
[MD5.9C4650B4A8B29D3A2888D08DBB0FFB66] [WIS][14/11/2013] (.Spigot, Inc. - Widgi Toolbar.) -- C:\Windows\Installer\e4374c.msi [4944384] =>PUP.Dealio
SS - | Auto 03/09/2013 507904 | (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe =>PUP.KMSpico
[HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI] =>PUP.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] =>PUP.Duuqu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45F267AE-311F-43E2-BDAA-00D059B93BF9}] =>PUP.Dealio^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico v8.6_is1] =>PUP.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{88F1349A-4F67-4DC4-9F09-F4C46323632A}] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111271167}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
C:\Users\Alain Principal\AppData\Roaming\Mozilla\Firefox\Profiles\xcz5zuv8.default\extensions\0efc9c38-1ec7-49ed-8915-53a48b6b7600@e7f17679-2a42-4659-83c5-7ba961fdf75a.com =>PUP.CrossRider^
C:\Users\Alain Principal\AppData\Roaming\Mozilla\Firefox\Profiles\xcz5zuv8.default\extensions\savingsslider@mybrowserbar.com =>PUP.Dealio^
C:\Program Files (x86)\Baidu Security =>Adware.BDSearch^
C:\ProgramData\Baidu Security =>Adware.BDSearch^
C:\Users\Alain Principal\AppData\Roaming\Baidu Security =>Adware.BDSearch^
C:\Users\Alain Principal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUP.KMSpico
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\WINDOWS\AutoKMS\AutoKMS.exe =>Trojan.Trojan.Keygen^
C:\Program Files\KMSpico\AutoPico.exe =>PUP.KMSpico^
[HKCU\Software\AppDataLow\Software\Slick Savings] =>PUP.Dealio^
[HKCU\Software\Baidu Security] =>Adware.BDSearch^
[HKCU\Software\Tasksgr] =>Trojan.Trojan.Tasksgr^
C:\Windows\Installer\1567c033.msi =>PUP.FrameFox^
C:\Windows\Installer\172581a.msi =>PUP.Babylon^
C:\Windows\Installer\1cf2534.msi =>PUP.Duuqu^
C:\Windows\Installer\e4374c.msi =>PUP.Dealio^
ShortcutFix
FirewallRaz
EmptyTemp





































Publicité

Signaler le contenu de ce document

Publicité