Rapport-ZHP.txt

Document joint : FHlqDxvuS3Y_Rapport-ZHP.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþScript ZHPFix
[MD5.10B201CC8EBFC96C0F20BC2BF3BF2144] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [977600] (.Activate.) =>HackTool.KMSpico
[MD5.00000000000000000000000000000000] [APT] [Dregol tone] (...) -- C:\ProgramData\{4A74A2B7-1AF6-7331-AB70-03B37BF2D03D}\1.17.0.1\fiber.js 433a2f50726f6772616d446174612f7b34413734413242372d314146362d373333312d414237302d3033423337424632443033447d2f312e31372e302e312f746f6e652e646c6c 687474703a2f2f73616f2e72657164726 (.not file.) [0] (.Activate.) =>PUP.Optional.Browser
[MD5.00000000000000000000000000000000] [APT] [Run_dregol] (...) -- C:\Users\nonox88\AppData\Roaming\RUN_DR~1\UPDATE~1\UPDATE~1.EXE (.not file.) [0] (.Activate.) =>PUP.Optional.RunDregol
O39 - APT: AutoPico Daily Restart - (...) -- C:\WINDOWS\System32\Tasks\AutoPico Daily Restart [3818] =>HackTool.KMSpico
O39 - APT: Dregol tone - (...) -- C:\WINDOWS\System32\Tasks\Dregol tone [4268] (.Orphan.) =>PUP.Optional.Browser
O39 - APT: Run_dregol - (...) -- C:\WINDOWS\System32\Tasks\Run_dregol [3358] (.Orphan.) =>PUP.Optional.RunDregol
O4 - HKLM\..\Wow6432Node\Run: [mbot_fr_014010259] (Orphan) =>PUP.Optional.CrossRider
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
O42 - Logiciel: KMSpico v9.2.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>HackTool.KMSpico
O42 - Logiciel: QuickSearch - (.Winthrop Donatello.) [HKLM][64Bits] -- QuickSearch => PUP.Optional.FastSearch
HKLM\SOFTWARE\Wow6432Node\QuickSearch =>PUP.Optional.FastSearch
HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\zdengine =>PUP.Optional.FastSearch
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\AppDataLow\Software\adawarebp =>PUP.Optional.ToolbarCleaner
O43 - CFD: 01/08/2016 - [] AD -- C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 07/03/2016 - [0] D -- C:\Program Files (x86)\03AA02FC-1457298016-052B-7006-500700080009 =>PUP.Optional.CrossRider
O43 - CFD: 01/08/2016 - [] D -- C:\Program Files (x86)\QuickSearch =>PUP.Optional.FastSearch
O43 - CFD: 01/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
O43 - CFD: 31/07/2016 - [] D -- C:\Users\nonox88\AppData\Local\app =>PUP.Optional.CrossRider
O53 - SMSR:HKLM\...\startupreg\DeskBar [Key] . (...) -- C:\Users\nonox88\AppData\Local\DeskBar\dblaunch.exe (.not file.) => Infection BT (Softomate Toolbar)
O53 - SMSR:HKLM\...\startupreg\Prt [Key] . (...) -- C:\Users\nonox88\AppData\Local\TECHP-Browser\prtsvc.exe (.not file.) =>PUP.Optional.BrowserAir
O69 - SBI: prefs.js [nonox88 - 3voffvtc.default] user_pref("extensions.MiddleRush.cg", "34519d77-2115-4256-b42c-a2cf3bf59128"); =>PUP.Optional.MiddleRush
O87 - FAEL: "{1E0E06A4-BB72-41A0-8A08-8867F2CD6278}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe (.not file.) =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{398849E3-6D35-44C6-BF88-2C183545D46F}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe (.not file.) =>PUP.Optional.DllFilesFixer
O87 - FAEL: "{DF4F600C-8231-4AC8-BFB7-C633B45A1CDA}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{7AEF6092-A842-4FA5-B05C-7CC364229138}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{ECD15934-E67B-4EA0-AF67-19E6038B3E99}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{ED947B52-81DD-40BC-85FA-885C9B71D4A3}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{6F0CE4B4-E5A1-4B06-B781-B627B5C93A3F}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
O87 - FAEL: "{6BE4073E-EF2A-48ED-A4AB-3802BACAF062}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico
C:\WINDOWS\System32\Tasks\Dregol tone =>PUP.Optional.Browser
C:\WINDOWS\System32\Tasks\Run_dregol =>PUP.Optional.RunDregol
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\QuickSearch =>PUP.Optional.FastSearch
HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\zdengine =>PUP.Optional.FastSearch
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\AppDataLow\Software\adawarebp =>PUP.Optional.ToolbarCleaner
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\Program Files (x86)\03AA02FC-1457298016-052B-7006-500700080009 =>PUP.Optional.CrossRider
C:\Program Files (x86)\QuickSearch =>PUP.Optional.FastSearch
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
C:\Users\nonox88\AppData\Local\app =>PUP.Optional.CrossRider
C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
O43 - CFD: 28/02/2016 - [] D -- C:\Users\nonox88\AppData\Local\1456659568031
O43 - CFD: 28/02/2016 - [] D -- C:\Users\nonox88\AppData\Local\1456659589414
O43 - CFD: 29/02/2016 - [] D -- C:\Users\nonox88\AppData\Local\1456745968011
O43 - CFD: 29/02/2016 - [] D -- C:\Users\nonox88\AppData\Local\1456745984157
O43 - CFD: 01/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1456832368480
O43 - CFD: 01/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1456832387393
O43 - CFD: 02/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1456922367854
O43 - CFD: 02/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1456922393719
O43 - CFD: 03/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1457008768321
O43 - CFD: 03/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1457008784046
O43 - CFD: 04/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1457095168403
O43 - CFD: 04/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1457095185407
O43 - CFD: 05/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1457181567980
O43 - CFD: 05/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1457181588031
O43 - CFD: 07/03/2016 - [] D -- C:\Users\nonox88\AppData\Local\1457267968122
[MD5.00000000000000000000000000000000] [APT] [Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864] (...) -- C:\Program Files\Bitdefender Agent\WatchDog.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8] (...) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [DNSCERES] (...) -- dnsceres.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [runTask] (...) -- %TEMP%/Updater.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Selection Tools Update] (...) -- C:\Users\nonox88\AppData\Roaming\WTools\Selection Tools\Selection Tools Update.exe (.not file.) [0] (.Activate.) =>.Superfluous.Nosibay
[MD5.00000000000000000000000000000000] [APT] [updateTask] (...) -- c:/task.vbs (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Wscanner Secure] (...) -- C:\Program Files (x86)\Wscanner\secure\secureupdater.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Wscanner Updater] (...) -- C:\Program Files (x86)\Wscanner\WscannerUpdater.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty

O39 - APT: Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 - (...) -- C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 [3750] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 - (...) -- C:\WINDOWS\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 [3628] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: DNSCERES - (...) -- C:\WINDOWS\System32\Tasks\DNSCERES [22270] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: runTask - (...) -- C:\WINDOWS\System32\Tasks\runTask [3362] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Selection Tools Update - (...) -- C:\WINDOWS\System32\Tasks\Selection Tools Update [3870] (.Orphan.) =>.Superfluous.Nosibay
O39 - APT: updateTask - (...) -- C:\WINDOWS\System32\Tasks\updateTask [3266] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Wscanner Secure - (...) -- C:\WINDOWS\System32\Tasks\Wscanner Secure [3186] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Wscanner Updater - (...) -- C:\WINDOWS\System32\Tasks\Wscanner Updater [3176] (.Orphan.) =>.Superfluous.Orphan
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
C:\ProgramData\Tencent =>.Superfluous.Tencent
C:\Program Files (x86)\Common Files\Tencent =>.Superfluous.Tencent
C:\Users\nonox88\AppData\Roaming\Tencent =>.Superfluous.Tencent
P2 - FPN: [HKLM] [@qq.com/npAndroidAssistant] - (.Tencent, Inc..) -- C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll =>.Superfluous.Tencent
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
O43 - CFD: 01/08/2016 - [] D -- C:\ProgramData\Tencent =>.Superfluous.Tencent
O43 - CFD: 01/08/2016 - [] D -- C:\Program Files (x86)\Common Files\Tencent =>.Superfluous.Tencent
O43 - CFD: 01/08/2016 - [] D -- C:\Users\nonox88\AppData\Roaming\Tencent =>.Superfluous.Tencent

SysRestore
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash

Signaler le contenu de ce document