Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
C:\Program Files (x86)\QuickTime =>Riskware.QuickTime
C:\Windows\Prefetch\BYTEFENCE.EXE-2DF51D43.pf =>.Superfluous.ByteFence
C:\Windows\Prefetch\SUC12_DISKCLEANER.EXE-9567C173.pf =>.Superfluous.DiskCleaner
HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteFence
HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteFence
C:\Users\Abdou Najoula\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage =>PUP.Optional.Generic
C:\Users\Abdou Najoula\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal =>PUP.Optional.Generic
C:\Users\Abdou Najoula\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango
[MD5.00000000000000000000000000000000] [APT] [{F5A26DB4-04BC-4AA9-B49E-C80DC5960EA3}] (...) -- C:\Users\Abdou Najoula\Documents\EGDownloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
O39 - APT: {F5A26DB4-04BC-4AA9-B49E-C80DC5960EA3} - (...) -- C:\Windows\System32\Tasks\{F5A26DB4-04BC-4AA9-B49E-C80DC5960EA3} [3452] (.Orphan.) =>.Superfluous.Orphan
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
O45 - LFCP:[MD5.085E1207098A92604DED6E8739DD0B22] 24/10/2016 A -- C:\Windows\Prefetch\BYTEFENCE.EXE-2DF51D43.pf =>.Superfluous.ByteFence
O45 - LFCP:[MD5.91E0F9EFFB039625EBE0FE2E9191F065] 26/10/2016 A -- C:\Windows\Prefetch\SUC12_DISKCLEANER.EXE-9567C173.pf =>.Superfluous.DiskCleaner
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteFence
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteFence
O43 - CFD: 14/10/2016 - [] D -- C:\Program Files (x86)\QuickTime =>Riskware.QuickTime
O4 - HKCU\..\Run: [AF14] C:\Users\Abdou Najoula\Desktop\abdou\auto[1]\Ultimate Facebook Groups Auto Poster\Auto Facebook 2014.exe (.not file.)
O4 - HKUS\S-1-5-21-1762004214-923727969-2652352464-1001\..\Run: [AF14] C:\Users\Abdou Najoula\Desktop\abdou\auto[1]\Ultimate Facebook Groups Auto Poster\Auto Facebook 2014.exe (.not file.)
O87 - FAEL: "TCP Query User{4C7F6F1F-7746-4710-9A97-07B61E8AA404}C:\users\abdou najoula\desktop\abdou\dcc296\dcc296\dcc.exe" [In-None-P6-TRUE] .(...) -- C:\users\abdou najoula\desktop\abdou\dcc296\dcc296\dcc.exe (.not file.)
O87 - FAEL: "UDP Query User{635268F5-C6E5-423E-90ED-BAC14E7E5BA4}C:\users\abdou najoula\desktop\abdou\dcc296\dcc296\dcc.exe" [In-None-P17-TRUE] .(...) -- C:\users\abdou najoula\desktop\abdou\dcc296\dcc296\dcc.exe (.not file.)
O87 - FAEL: "TCP Query User{48307C22-7B79-429D-AEA2-7B853C97572B}C:\users\abdou najoula\desktop\destv1.9\mainplug.ocx" [In-None-P6-TRUE] .(...) -- C:\users\abdou najoula\desktop\destv1.9\mainplug.ocx (.not file.)
O87 - FAEL: "UDP Query User{0B72090E-E687-4CE9-9F78-8FF4394797C3}C:\users\abdou najoula\desktop\destv1.9\mainplug.ocx" [In-None-P17-TRUE] .(...) -- C:\users\abdou najoula\desktop\destv1.9\mainplug.ocx (.not file.)
O87 - FAEL: "TCP Query User{A5EFAC20-5FD1-4BA8-A969-5F73D51762D1}E:\destv1.9\mainplug.ocx" [In-None-P6-TRUE] .(...) -- E:\destv1.9\mainplug.ocx (.not file.)
O87 - FAEL: "UDP Query User{F3518C4A-86EE-43A0-A8E8-134B804F8B5B}E:\destv1.9\mainplug.ocx" [In-None-P17-TRUE] .(...) -- E:\destv1.9\mainplug.ocx (.not file.)
O87 - FAEL: "TCP Query User{BED76FA4-8917-4A5A-9470-167541B36349}G:\destv1.8\mainplug.ocx" [In-None-P6-TRUE] .(...) -- G:\destv1.8\mainplug.ocx (.not file.)
O87 - FAEL: "UDP Query User{E039A567-C725-4055-A7A4-56FBFB42D812}G:\destv1.8\mainplug.ocx" [In-None-P17-TRUE] .(...) -- G:\destv1.8\mainplug.ocx (.not file.)
O87 - FAEL: "TCP Query User{35DE2BEB-5B00-41F9-BCBF-270A8A009BF8}C:\ccproxy\ccproxy.exe" [In-None-P6-TRUE] .(...) -- C:\ccproxy\ccproxy.exe (.not file.)
O87 - FAEL: "UDP Query User{3E1AAB34-231B-409B-A472-FD6CBB448CE2}C:\ccproxy\ccproxy.exe" [In-None-P17-TRUE] .(...) -- C:\ccproxy\ccproxy.exe (.not file.)
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\OneDrive Standalone Update Task [3374]
G0 - GCSP: Preferences [User Data\Default][HomePage] http://api.mixpanel.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients5.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lh3.googleusercontent.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://mozbar.moz.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ogs.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®