Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://houmpage.com/ =>PUP.Optional.Browser
G2 - GCE: Preference [User Data\Default] [lkemddiljapcmhicklfpcbpfffahfbja] [http://www.linkszb.com/addon/chrome/update.xml] Web Navigation =>Hijacker.Browser
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [GarenaPlus] . (.Copyright (C) 2010-2012 Garena Online Pte Ltd - Garena+.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe {4EEAD9745E9F68E71D871268ABF2041C}
O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe =>.Alcohol Soft®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - HKCU\..\Run: [IDM trial reset] . (...) -- D:\IDM Auto Trial Reset\IDMan Trial Reset by Chamsoo.exe
O4 - HKLM\..\Wow6432Node\Run: [USB Antivirus] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files (x86)\USB Disk Security\USBGuard.exe {00CCE1EA3E08123F0BC1B492F00E40C9BA} ©
O4 - HKLM\..\Wow6432Node\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files (x86)\USB Disk Security\USBGuard.exe {00CCE1EA3E08123F0BC1B492F00E40C9BA} ©
O4 - HKLM\..\Wow6432Node\Run: [SSBkgdUpdate] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe =>.Nuance Communications, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe =>.Nuance Communications, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe =>.Nuance Communications, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [PPort11reminder] . (.Nuance Communications, Inc. - Ereg.) -- C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe =>.Nuance Communications, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [BrMfcWnd] . (.Copyright (C) 2005 - 2012 Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Wow6432Node\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe ©
O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware (cleanup)] . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe =>.Malwarebytes Corporation®
O4 - HKUS\S-1-5-21-1788190544-2841081292-2523875018-1001\..\Run: [GarenaPlus] . (.Copyright (C) 2010-2012 Garena Online Pte Ltd - Garena+.) -- C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe {4EEAD9745E9F68E71D871268ABF2041C}
O4 - HKUS\S-1-5-21-1788190544-2841081292-2523875018-1001\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe =>.Alcohol Soft®
O4 - HKUS\S-1-5-21-1788190544-2841081292-2523875018-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - HKUS\S-1-5-21-1788190544-2841081292-2523875018-1001\..\Run: [IDM trial reset] . (...) -- D:\IDM Auto Trial Reset\IDMan Trial Reset by Chamsoo.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24BE20B7-5B6D-44C9-9666-62076CCA95C6}: DhcpNameServer = 192.168.1.1 192.168.1.1
O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>HackTool.KMSpico
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\TrustedStart =>PUP.Optional.Browser
O43 - CFD: 05/12/2015 - [] D -- C:\Users\pc\AppData\Local\Cooking Video =>PUP.Optional.CookingVideo*
O43 - CFD: 23/12/2015 - [] D -- C:\Users\pc\AppData\Local\Temp
O43 - CFD: 18/11/2015 - [0] SHD -- C:\Users\pc\AppData\Local\Temporary Internet Files
O87 - FAEL: "{43CF5647-695B-4F7C-92FE-E4325C944902}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{EAD904B8-D52F-4DDD-AA0D-7221299EE96A}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{CEA1E0FA-9745-4854-BEF0-967502E304A0}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{449C856A-88F0-4A33-96FA-6E9C4EFBCF53}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{9430E88D-683A-423D-909B-588EB82A917C}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{9B2F4DEE-4C42-43C6-9F14-7CF354EC7268}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{C29211CE-B22D-4AE3-A11B-9567F2B3B9E9}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{BD26DEEB-BB90-469D-B49C-22779E4FE4BB}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "TCP Query User{2D9DBAF9-ADC6-4939-94AE-32E5444D3F26}D:\jeux\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" [In-None-P6-TRUE] .(...) -- D:\jeux\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
O87 - FAEL: "UDP Query User{5D759130-80C1-4960-A51E-E957AC3E4E6E}D:\jeux\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" [In-None-P17-TRUE] .(...) -- D:\jeux\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
O87 - FAEL: "{1ED9C66F-B2CB-4E34-92F4-4D659D9386D5}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "{E9720CD8-6FC9-407F-AFA5-EFA42DF2288F}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe (.not file.) =>HackTool.KMSpico
O87 - FAEL: "TCP Query User{DC0CB0FE-F12A-4B00-84B1-D840D96E840E}D:\jeux\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" [In-None-P6-TRUE] .(...) -- D:\jeux\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
O87 - FAEL: "UDP Query User{80A6092B-17EE-424B-BCCD-1BF7F5A42FC0}D:\jeux\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe" [In-None-P17-TRUE] .(...) -- D:\jeux\dmc devi may cry\binaries\win32\dmc-devilmaycry.exe
O87 - FAEL: "TCP Query User{8D409F4B-DB6A-4A68-9D19-8D67A5FC8A46}C:\program files (x86)\garena classic\garena.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\garena classic\garena.exe (.not file.)
O87 - FAEL: "UDP Query User{AF18CC11-39DF-4FE0-AD38-21293FA277A1}C:\program files (x86)\garena classic\garena.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\garena classic\garena.exe (.not file.)
O87 - FAEL: "TCP Query User{2D17EFA9-B301-4A1C-8E88-E81464D0206D}D:\jeux\yu-gi-oh!\yu-gi-oh!\joey the passion\joey_pc.exe" [In-None-P6-TRUE] .(...) -- D:\jeux\yu-gi-oh!\yu-gi-oh!\joey the passion\joey_pc.exe
O87 - FAEL: "UDP Query User{BE7B001F-BF6B-4494-9562-2A4F2048D29E}D:\jeux\yu-gi-oh!\yu-gi-oh!\joey the passion\joey_pc.exe" [In-None-P17-TRUE] .(...) -- D:\jeux\yu-gi-oh!\yu-gi-oh!\joey the passion\joey_pc.exe
C:\Users\pc\AppData\Local\Cooking Video\{E63158DF-E2DC-0D34-1AC4-56A2F8D8A2DD}\CookingVideo.dll =>PUP.Optional.CookingVideo*
C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja =>Hijacker.Browser
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\TrustedStart =>PUP.Optional.Browser
C:\Users\pc\AppData\Local\Cooking Video =>PUP.Optional.CookingVideo*