cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
EmptyPrefetch
ShortcutFix
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[MD5.DAD81253B50E1D803B91E01A82852D28] - (.Microsoft Corporation - DNS DLL de l’API Client.) () -- C:\Windows\System32\dnsapi.dll [357888] ©
[MD5.50CF7C64360ACE0EA9566123B1DC274D] - (.Microsoft Corporation - DNS DLL de l’API Client.) () -- C:\Windows\Syswow64\dnsapi.dll [270336] ©
[MD5.8A9919DAE95708B073827EA3C88DFF03] - (.Copyright 2015. All rights reserved. - Service.) -- C:\Program Files (x86)\RayDld\ihpmServer.exe [268520] [PID.2404]
O4 - HKLM\..\Wow6432Node\Run: [ QQPCTray] C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCTray.exe (.not file.)
O23 - Service: ihpmServer (ihpmServer) . (.Copyright 2015. All rights reserved. - Service.) - C:\Program Files (x86)\RayDld\ihpmServer.exe
O23 - Service: QQPCMgr RTP Service (QQPCRTP) . (...) - C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCRtp.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [WIN-GGfIfEGCfEGbGffIfCfEGC] (...) -- C:\Users\Valerie\AppData\Roaming\~svzuhta.exe (.not file.) [0]
HKLM\SOFTWARE\Wow6432Node\FastSearch
HKLM\SOFTWARE\Wow6432Node\ihpmserver
HKLM\SOFTWARE\Wow6432Node\RayDld
HKLM\SOFTWARE\Wow6432Node\Tencent
HKCU\SOFTWARE\WTools
3 - CFD: 2015/09/20 14:30:43 - [] D -- C:\Program Files (x86)\RayDld
3 - CFD: 2015/09/21 14:59:12 - [] D -- C:\ProgramData\Tencent
3 - CFD: 2015/09/21 18:58:04 - [] D -- C:\Users\Valerie\AppData\Roaming\Tencent
SR - Auto [2015/09/09 12:20:12] [ 268520] ihpmServer (ihpmServer) . (.Copyright 2015. All rights reserved..) - C:\Program Files (x86)\RayDld\ihpmServer.exe
C:\Program Files (x86)\RayDld\ihpmServer.exe
HKLM\SYSTEM\CurrentControlSet\Services\ihpmServer
HKLM\SYSTEM\CurrentControlSet\Services\QQPCRTP
C:\Program Files (x86)\RayDld
C:\ProgramData\Tencent
C:\Users\Valerie\AppData\Roaming\Tencent
[MD5.00000000000000000000000000000000] [APT] [9acWiit52e9TxiD] (...) -- C:\Users\Valerie\AppData\Roaming\ugBRbm0\fkH7ikw.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [WIN-statsSystem] (...) -- C:\Users\Valerie\AppData\Local\Microsoft\WinU\~byhuzin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Sony Corporation\VAIO Gate\StartExecuteProxy] (...) -- C:\Program Files (x86)\Sony\VAIO Gate\ExecutionProxy.exe (.not file.) [0]
O43 - CFD: 2013/08/03 20:23:39 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 2015/09/20 14:29:42 - [0] D -- C:\ProgramData\adb
O43 - CFD: 2015/09/20 14:30:20 - [0] D -- C:\ProgramData\baejhbbiaa
O43 - CFD: 2013/08/03 19:48:43 - [] D -- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 2015/09/20 15:19:44 - [0] D -- C:\Users\Valerie\AppData\Local\Tempfolder
O87 - FAEL: "TCP Query User{3F2F7A97-2DD1-42BA-8689-3F608C914D4D}C:\users\valerie\appdata\local\temp\q6dqajy.exe" [In-None-P6-TRUE] .(...) -- C:\users\valerie\appdata\local\temp\q6dqajy.exe (.not file.)
O87 - FAEL: "UDP Query User{E1E7EDF5-C892-4DD7-B5F3-C49836E4CC53}C:\users\valerie\appdata\local\temp\q6dqajy.exe" [In-None-P17-TRUE] .(...) -- C:\users\valerie\appdata\local\temp\q6dqajy.exe (.not file.)
SS - Demand [2013/10/16 13:29:30] [ 235216] McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) . (.McAfee, Inc..) - C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe ©
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll ©
O43 - CFD: 2015/01/02 08:45:51 - [] D -- C:\Users\Valerie\AppData\Roaming\ugBRbm0
O43 - CFD: 2015/09/20 15:19:03 - [] D -- C:\Users\Valerie\AppData\Roaming\WB_CFG
O43 - CFD: 2015/01/02 08:45:51 - [] D -- C:\Users\Valerie\AppData\Roaming\zxsCnv8
O43 - CFD: 2015/09/20 20:58:47 - [] D -- C:\Users\Valerie\AppData\Local\{ABC59D99-8F6D-F121-E2F5-D4C9C69D2851}
O43 - CFD: 2015/09/20 14:29:30 - [] D -- C:\Users\Valerie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7k7k????(920)
O43 - CFD: 2015/09/21 09:41:22 - [] D -- C:\Users\Valerie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
O39 - APT: 9acWiit52e9TxiD - (...) -- C:\Windows\System32\Tasks\9acWiit52e9TxiD [3242]
O39 - APT: WIN-GGfIfEGCfEGbGffIfCfEGC - (...) -- C:\Windows\System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC [3188]
HKLM\SOFTWARE\Wow6432Node\QQTrace
[MD5.9FC8D62CD7E5C9DB50B515C26B968E00] - (.Beijing Rising Information Technology Co., Ltd. - tray ????.) -- C:\Program Files (x86)\Rising\RSD\popwndexe.exe [126808] [PID.3436] ©
O4 - HKLM\..\Wow6432Node\Run: [RSDTRAY] . (.Beijing Rising Information Technology Co., Ltd. - tray ????.) -- C:\Program Files (x86)\Rising\RSD\popwndexe.exe ©

Emptytemp
Emptyclsid
FirewallRaz

Publicité


Signaler le contenu de ce document

Publicité