cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþScript ZHPFix
[MD5.AEE64FBF67CB3BD0E79C7B9BBCCD0E91] - (.Elex do Brasil Participações Ltda - YACTray.) -- C:\Program Files\iSafe\iSafeTray.exe [1010848] [PID.1224] =>Trojan.Staser
[MD5.EB53A5BC8B32DBE7F01EF91ECB6E44A0] - (.Elex do Brasil Participações Ltda - iSafeSvc.) -- C:\Program Files\iSafe\iSafeSvc.exe [115320] [PID.1028] =>Trojan.Staser
[MD5.61CD73D8B3A4F61985365A0AD80FF69A] - (.Elex do Brasil Participações Ltda - iSafeSvc2.) -- C:\Program Files\iSafe\iSafeSvc2.exe [115320] [PID.1064] =>Trojan.Staser
[MD5.61153CEF3D7CD019F50492576BABF3D2] - (...) -- C:\Program Files\iSafe\ipcdl.exe [2228896] [PID.4532] =>Trojan.Staser
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com =>PUP.AArtemis
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com =>PUP.AArtemis
O4 - GS\Desktop [Public]: YAC.lnk . (.Elex do Brasil Participações Ltda - iStart.) -- C:\Program Files\iSafe\iStart.exe =>Trojan.Staser
O23 - Service: iSafeService (iSafeService) . (.Elex do Brasil Participações Ltda - iSafeSvc.) - C:\Program Files\iSafe\iSafeSvc.exe =>Trojan.Staser
O41 - Driver: (iSafeKrnl) . (.Elex do Brasil Participações Ltda - iSafe Kernel Driver.) - C:\Program Files\iSafe\iSafeKrnl.sys =>Trojan.Staser
O41 - Driver: (iSafeKrnlKit) . (.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - C:\Program Files\iSafe\iSafeKrnlKit.sys =>Trojan.Staser
O41 - Driver: (iSafeKrnlR3) . (.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - C:\Program Files\iSafe\iSafeKrnlR3.sys =>Trojan.Staser
O41 - Driver: (iSafeNetFilter) . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - C:\Program Files\iSafe\iSafeNetFilter.sys =>Trojan.Staser
O42 - Logiciel: Yet Another Cleaner! - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM] -- iSafe =>Trojan.Staser
[HKLM\Software\SupDp] =>PUP.SupTab
O43 - CFD: 15/06/2014 - 21:30:32 - [] ----D C:\Program Files\iSafe =>Trojan.Staser
O43 - CFD: 14/06/2014 - 09:52:13 - [] ----D C:\Users\Anne\AppData\Roaming\iSafe =>Trojan.Staser
O44 - LFC:[MD5.562DA2EB9D52FDCBAFB6FCC3DD4003D8] - 13/06/2014 - 12:17:23 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [40064] =>Trojan.Staser
O45 - LFCP:[MD5.EDF233C583E39532DD37D54E8ACEE586] - 14/06/2014 - 08:52:22 ---A- - C:\Windows\Prefetch\ISAFE.EXE-501C6B16.pf =>Trojan.Staser
O45 - LFCP:[MD5.2CF66964F663EC914CEE7DE4AB06D1C2] - 14/06/2014 - 08:16:09 ---A- - C:\Windows\Prefetch\ISAFEDOWNLOADER.EXE-5D4A0F4A.pf =>PUP.SoftwareEngine
O45 - LFCP:[MD5.7B8711DF0754A66C1C5A19335E0A2E60] - 14/06/2014 - 08:24:06 ---A- - C:\Windows\Prefetch\ISAFESCAN.EXE-5704198F.pf =>Trojan.Staser
O45 - LFCP:[MD5.8917708DAAD6C6D319B2C4B39F562355] - 14/06/2014 - 08:17:29 ---A- - C:\Windows\Prefetch\ISAFESVC.EXE-81954C42.pf =>Trojan.Staser
O45 - LFCP:[MD5.48E94DA900926398D36FC62A856F9820] - 14/06/2014 - 08:17:29 ---A- - C:\Windows\Prefetch\ISAFESVC2.EXE-9780366C.pf =>Trojan.Staser
O45 - LFCP:[MD5.DF6BB0259BC4091C0017D09593257ABA] - 14/06/2014 - 08:17:40 ---A- - C:\Windows\Prefetch\ISAFETHLP.EXE-353D0AAE.pf =>Trojan.Staser
O45 - LFCP:[MD5.D1C76652C68BF1EFD3093F212ADC684D] - 14/06/2014 - 08:18:13 ---A- - C:\Windows\Prefetch\ISAFETRAY.EXE-915153CE.pf =>Trojan.Staser
O58 - SDL:13/06/2014 - 12:17:23 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [40064] =>Trojan.Staser
O64 - Services: CurCS - 13/06/2014 - C:\Program Files\iSafe\iSafeKrnl.sys (iSafeKrnl) .(.Elex do Brasil Participações Ltda - iSafe Kernel Driver.) - LEGACY_ISAFEKRNL =>Trojan.Staser
O64 - Services: CurCS - 13/06/2014 - C:\Program Files\iSafe\iSafeKrnlKit.sys (iSafeKrnlKit) .(.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - LEGACY_ISAFEKRNLKIT =>Trojan.Staser
O64 - Services: CurCS - 13/06/2014 - C:\Program Files\iSafe\iSafeKrnlR3.sys (iSafeKrnlR3) .(.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - LEGACY_ISAFEKRNLR3 =>Trojan.Staser
O64 - Services: CurCS - 03/06/2014 - C:\Program Files\iSafe\iSafeNetFilter.sys (iSafeNetFilter) .(.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - LEGACY_ISAFENETFILTER =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\IminentUninstall_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\IminentUninstall_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\iSafeDownLoader_RASAPI32 =>PUP.SoftwareEngine
HKLM\SOFTWARE\Microsoft\Tracing\iSafeDownLoader_RASMANCS =>PUP.SoftwareEngine
HKLM\SOFTWARE\Microsoft\Tracing\iSafeScan_RASAPI32 =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafeScan_RASMANCS =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafeSvc2_RASAPI32 =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafeSvc2_RASMANCS =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafe_RASAPI32 =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafe_RASMANCS =>Trojan.Staser
SR - | Auto 13/06/2014 115320 | (iSafeService) . (.Elex do Brasil Participações Ltda.) - C:\Program Files\iSafe\iSafeSvc.exe =>Trojan.Staser
[HKLM\SYSTEM\CurrentControlSet\Services\iSafeService] =>Trojan.Staser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe] =>Trojan.Staser^
C:\Program Files\iSafe =>Trojan.Staser^
C:\Users\Anne\AppData\Roaming\iSafe =>Trojan.Staser^
C:\Program Files\iSafe\iSafeTray.exe =>Trojan.Staser^
C:\Program Files\iSafe\iSafeSvc.exe =>Trojan.Staser^
C:\Program Files\iSafe\iSafeSvc2.exe =>Trojan.Staser^
C:\Program Files\iSafe\ipcdl.exe =>Trojan.Staser^
[HKLM\Software\SupDp] =>PUP.SupTab^
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com =>Toolbar.DeltaSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_trivial-pursuit_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_trivial-pursuit_RASMANCS =>Toolbar.Conduit


ShortcutFix
FirewallRaz
Emptytemp
SysRestore



Publicité


Signaler le contenu de ce document

Publicité