cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
G2 - GCE: Preference [User Data\Default] [gkcbebbklfkjeocpmoamnopdllfekind] General Downloader plugin v.1.0.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pcidejejpblipcjpnkfkddlkmgndblch] General Crawler v.2.5 (Désactivé) =>PUP.MediaFinder
C:\Users\WELTINFO\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
C:\Users\WELTINFO\AppData\Roaming\Mozilla\Firefox\Profiles\zkelvlrj.default\prefs.js (.not file.)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\MSDCSC\msdcsc.exe
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{04B84C46-5ABB-476B-A7D7-40435D9AE611} Clé orpheline
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\WELTINFO\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-1299746544-1527141224-5497088-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\WELTINFO\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
[HKCU\Software\Atccrpud]
[HKCU\Software\MYGALEsoft]
[HKCU\Software\Pam Development]
[HKCU\Software\Total Soft]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\MU_FROM]
O43 - CFD: 21/02/2014 - 17:44:20 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 21/02/2014 - 17:42:23 - [0,917] ----D C:\Program Files (x86)\FK_Monitor
O43 - CFD: 08/02/2014 - 10:41:07 - [0] ----D C:\Program Files (x86)\GUM463.tmp
O43 - CFD: 10/12/2012 - 15:17:18 - [33,442] ----D C:\Program Files (x86)\Mostakbal
O43 - CFD: 21/02/2014 - 18:14:29 - [0,003] -SH-D C:\ProgramData\MPK
O43 - CFD: 21/02/2014 - 18:21:08 - [0,054] ----D C:\Users\WELTINFO\AppData\Roaming\FK_Monitor
O43 - CFD: 17/09/2012 - 21:12:31 - [0,014] ----D C:\Users\WELTINFO\AppData\Roaming\{4916c8ce-b9e7-4e25-9a23-25493e41e04c}
O43 - CFD: 21/02/2014 - 17:49:26 - [0] ----D C:\Users\WELTINFO\AppData\Local\Conduit
O43 - CFD: 21/05/2012 - 17:11:49 - [0] ----D C:\Users\WELTINFO\AppData\Local\Configure
O51 - MPSK:{5fada844-9bcf-11e2-96d4-e0ca94102370}\AutoRun\command. (...) -- H:\autorun.exe (.not file.)
O51 - MPSK:{5fada852-9bcf-11e2-96d4-e0ca94102370}\AutoRun\command. (...) -- H:\autorun.exe (.not file.)
O51 - MPSK:{a5cfa0a3-9c95-11e2-a539-e0ca94102370}\AutoRun\command. (...) -- H:\autorun.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] Yandex [DefaultScope] - (??????) - http://yandex.ru
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][21/02/2014] (...) -- C:\Users\WELTINFO\AppData\Local\Temp\SHSetup.exe [0] =>Crapware.SpyHunter
[MD5.3B00695C25569F4A487002472CB5465A] [SPRF][10/06/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\WELTINFO\AppData\Local\Temp\tbNeww.dll [4414792] =>Toolbar.Conduit
[HKLM\Software\Google\Chrome\Extensions\pcidejejpblipcjpnkfkddlkmgndblch] =>PUP.MediaFinder^
[HKLM\Software\Classes\Toolbar.CT2458743] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2458743] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}] =>Toolbar.Conduit^
C:\Users\WELTINFO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcidejejpblipcjpnkfkddlkmgndblch =>PUP.MediaFinder^
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\FK_Monitor =>Keylogger.FreeKeylogger
C:\ProgramData\MPK =>Keylogger.Agent
C:\Users\WELTINFO\AppData\Roaming\FK_Monitor =>Keylogger.FreeKeylogger
C:\Users\WELTINFO\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\WELTINFO\AppData\LocalLow\Conduit =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
C:\Users\WELTINFO\AppData\Local\Temp\SHSetup.exe =>Crapware.SpyHunter^
C:\Users\WELTINFO\AppData\Local\Temp\tbNeww.dll =>Toolbar.Conduit^

EmptyFlash
EmptyTemp
EmptyClsid
FirewallRaz
Proxyfix
SysRestore

Publicité


Signaler le contenu de ce document

Publicité