cjoint

Document format: text/plain

Preview

Script ZHPFix
SysRestore
M3 - MFPP: Plugins - [Candice] -- C:\Users\Candice\AppData\Roaming\Mozilla\Firefox\Profiles\0quec6he.default\searchplugins\babylon.xml
M3 - MFPP: Plugins - [Candice] -- C:\Users\Candice\AppData\Roaming\Mozilla\Firefox\Profiles\0quec6he.default\searchplugins\BrowserProtect.xml
M3 - MFPP: Plugins - [Candice] -- C:\Users\Candice\AppData\Roaming\Mozilla\Firefox\Profiles\0quec6he.default\searchplugins\holasearch.xml
M2 - MFEP: prefs.js [Candice - 0quec6he.default\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com] [] Services x86 v (..)
M2 - MFEP: prefs.js [Candice - 0quec6he.default\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}] [] Value Apps v1.7.0.0 (..)
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.rpidity.com
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O4 - GS\Desktop [Candice]: Club Windows Mobile.lnk - Clé orpheline
O4 - GS\Desktop [Candice]: LSHunterTVApp.lnk . (...) -- C:\Program Files (x86)\LSHunter.TV\LSHunterTVApp.exe
[MD5.00000000000000000000000000000000] [APT] [{F63BB7A1-487D-45FA-9A3C-2445DA941C12}] (...) -- C:\Users\Candice\AppData\Local\Temp\Temp1_VMNavigation_PND_6.5.4.zip\VMNavigation_PND_6.5.4.exe (.not file.) [0]
O42 - Logiciel: LSHunterTVApp - (.LSHunter.TV.) [HKLM][64Bits] -- 1ClickDownload
O42 - Logiciel: Services x86 - (.Corporate Inc.) [HKLM][64Bits] -- Services x86
O42 - Logiciel: Yontoo 1.10.03 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
[HKCU\Software\37180InstEnd]
[HKCU\Software\59e888fb36aed10]
[HKCU\Software\AppDataLow\Software\Services x86]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\BrowserMngr]
[HKCU\Software\Conduit]
[HKCU\Software\Cr_Installer]
[HKCU\Software\Duuqu]
[HKCU\Software\InstalledBrowserExtensions]
[HKCU\Software\Softonic]
[HKLM\Software\Tarma Installer]
[HKLM\Software\Wow6432Node\59e888fb36aed10]
[HKLM\Software\Wow6432Node\AedgePerformanceBCN]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\BrowserMngr]
[HKLM\Software\Wow6432Node\Conduit]
[HKLM\Software\Wow6432Node\DataMngr]
[HKLM\Software\Wow6432Node\Duuqu]
[HKLM\Software\mamverifier]
O43 - CFD: 26/11/2013 - 17:46:50 - [0] ----D C:\Program Files (x86)\Duuqu
O43 - CFD: 02/12/2012 - 19:06:17 - [0,594] ----D C:\Program Files (x86)\LSHunter.TV
O43 - CFD: 10/09/2012 - 16:58:19 - [3,587] ----D C:\Program Files (x86)\rpidity
O43 - CFD: 08/05/2013 - 18:20:20 - [3,742] ----D C:\Program Files (x86)\Services x86
O43 - CFD: 02/12/2012 - 19:07:10 - [0,186] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 09/09/2012 - 14:06:08 - [0] ----D C:\ProgramData\Babylon
O43 - CFD: 02/12/2012 - 19:07:08 - [1,661] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 09/09/2012 - 14:06:07 - [0,038] ----D C:\Users\Candice\AppData\Roaming\Babylon
O43 - CFD: 03/05/2013 - 21:29:08 - [0] ----D C:\Users\Candice\AppData\Roaming\PerformerSoft
O43 - CFD: 25/07/2013 - 12:29:08 - [0] ----D C:\Users\Candice\AppData\Roaming\ValueApps
O43 - CFD: 09/09/2012 - 15:08:42 - [0,039] ----D C:\Users\Candice\AppData\Roaming\WebPlayerBdd
O43 - CFD: 20/11/2013 - 22:40:51 - [0] ----D C:\Users\Candice\AppData\Local\Duuqu
O43 - CFD: 02/12/2012 - 19:06:05 - [0,002] ----D C:\Users\Candice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\35067537.sys . (...) -- C:\Windows\System32\Drivers\35067537.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\35067537.sys . (...) -- C:\Windows\System32\Drivers\35067537.sys (.not file.)
O69 - SBI: prefs.js [Candice - 0quec6he.default] user_pref("extensions.crossrider.bic", "13eb20b9f744040ff43fcbe5c92d4488");
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Hola Search) - http://www.holasearch.com
O69 - SBI: SearchScopes [HKCU] {2fa28606-de77-4029-af96-b231e3b8f827} - (Ask.com) - http://eu.ask.com
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com
O87 - FAEL: "TCP Query User{FCC2FA7D-C950-4ABB-B3DB-0F0A2BF1B72C}C:\kreapixel\webplayerv2\webplayerv2.exe" |In - Private - P6 - TRUE | .(...) -- C:\kreapixel\webplayerv2\webplayerv2.exe (.not file.)
O87 - FAEL: "UDP Query User{B312F413-95AF-462C-AD37-A0EDB09F1243}C:\kreapixel\webplayerv2\webplayerv2.exe" |In - Private - P17 - TRUE | .(...) -- C:\kreapixel\webplayerv2\webplayerv2.exe (.not file.)
C:\Users\Candice\AppData\Roaming\Mozilla\Firefox\Profiles\0quec6he.default\extensions\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com
C:\Users\Candice\AppData\Roaming\Mozilla\Firefox\Profiles\0quec6he.default\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
[HKLM\Software\Classes\YontooIEClient.Api]
[HKLM\Software\Classes\YontooIEClient.Api.1]
[HKLM\Software\Classes\YontooIEClient.Layers]
[HKLM\Software\Classes\YontooIEClient.Layers.1]
[HKLM\Software\Classes\AppID\YontooIEClient.DLL]
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api]
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1]
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers]
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1]
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220222702296}]
[HKLM\Software\Wow6432Node\Classes\AppID\YontooIEClient.DLL]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\rpidity_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\rpidity_RASMANCS]
[HKCU\Software\AppDataLow\Software\Services x86]
[HKLM\Software\Wow6432Node\Services x86]
[HKLM\Software\Classes\Prod.cap]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Services x86]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}]
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}]
[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}]
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}]
[HKLM\Software\Wow6432Node\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}]
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}]
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}]
[HKLM\Software\Wow6432Node\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}]
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}]
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}]
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}]
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}]
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}]
[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}]
[HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Services x86]
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}]
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}]
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}]
[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}]
[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\hcdolklkjeckmmhijeoimikandkdeknn]
EmptyCLSID
EmptyFlash
EmptyTemp
