cjoint

Document format: text/plain

Preview

start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [Windesk Winsearch] => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [gmsd_fr_579] => [X]
HKLM-x32\...\Run: [gmsd_fr_610] => [X]
HKLM-x32\...\Run: [gmsd_fr_616] => [X]
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SelectedSearchEngine: Trovi
CHR dev: Chrome dev build detected! <======= ATTENTION
StartMenuInternet: Google Chrome.CTY6D55L7NLUVJJWSVFRGP4HSI - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1433683935&z=9eb42e5ad1dad6237cbda3fgaz0c7cdq9bac6tcc8w&from=slb2&uid=HitachiXHTS547564A9E384_110529J23A0053GJY92NX
OPR Extension: (bgdpkilkheacbboffppjgceiplijhfpd) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\bgdpkilkheacbboffppjgceiplijhfpd [2015-06-03]
OPR Extension: (cobbaepnkejfnljmjgimdhoefifdhcak) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\cobbaepnkejfnljmjgimdhoefifdhcak [2015-06-03]
StartMenuInternet: Google Chrome.CTY6D55L7NLUVJJWSVFRGP4HSI - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1433683935&z=9eb42e5ad1dad6237cbda3fgaz0c7cdq9bac6tcc8w&from=slb2&uid=HitachiXHTS547564A9E384_110529J23A0053GJY92NX
2015-06-07 15:13 - 2015-06-07 16:09 - 00000992 _____ C:\Windows\Tasks\TakAm52o.job
2015-06-07 15:13 - 2015-06-07 16:08 - 00000992 _____ C:\Windows\Tasks\3FGKuww0.job
2015-06-07 15:13 - 2015-06-07 15:13 - 00004026 _____ C:\Windows\System32\Tasks\TakAm52o
2015-06-07 15:13 - 2015-06-07 15:13 - 00004026 _____ C:\Windows\System32\Tasks\3FGKuww0
2015-06-04 22:13 - 2015-06-07 16:08 - 00001020 _____ C:\Windows\Tasks\PYdo5J1d2YFgaGwWqclhKh.job
2015-06-04 22:13 - 2015-06-07 16:08 - 00000992 _____ C:\Windows\Tasks\mHfWmK8A.job
2015-06-04 22:13 - 2015-06-04 22:13 - 00004054 _____ C:\Windows\System32\Tasks\PYdo5J1d2YFgaGwWqclhKh
2015-06-04 22:13 - 2015-06-04 22:13 - 00004026 _____ C:\Windows\System32\Tasks\mHfWmK8A
2015-06-04 12:28 - 2015-06-07 16:09 - 00001012 _____ C:\Windows\Tasks\gz3vO2iZse39FCzq9B.job
2015-06-04 12:28 - 2015-06-07 16:09 - 00001010 _____ C:\Windows\Tasks\NrKnFX2LWaNtMUQ1R.job
2015-06-04 12:28 - 2015-06-07 16:09 - 00000992 _____ C:\Windows\Tasks\3xj8Gj2e.job
2015-06-04 12:28 - 2015-06-07 16:08 - 00001022 _____ C:\Windows\Tasks\dr5IDtjoEplwtqvaSEyamOg.job
2015-06-04 12:28 - 2015-06-04 12:28 - 00004056 _____ C:\Windows\System32\Tasks\dr5IDtjoEplwtqvaSEyamOg
2015-06-04 12:28 - 2015-06-04 12:28 - 00004046 _____ C:\Windows\System32\Tasks\gz3vO2iZse39FCzq9B
2015-06-04 12:28 - 2015-06-04 12:28 - 00004044 _____ C:\Windows\System32\Tasks\NrKnFX2LWaNtMUQ1R
2015-06-04 12:28 - 2015-06-04 12:28 - 00004026 _____ C:\Windows\System32\Tasks\3xj8Gj2e
2015-06-04 11:57 - 2015-06-07 16:09 - 00000994 _____ C:\Windows\Tasks\Vwwbr5x2h.job
2015-06-04 11:57 - 2015-06-07 16:09 - 00000992 _____ C:\Windows\Tasks\IWRguGfN.job
2015-06-04 11:57 - 2015-06-04 11:57 - 00004028 _____ C:\Windows\System32\Tasks\Vwwbr5x2h
2015-06-04 11:57 - 2015-06-04 11:57 - 00004026 _____ C:\Windows\System32\Tasks\IWRguGfN
2015-05-31 12:43 - 2015-05-31 12:43 - 00002970 _____ C:\Windows\System32\Tasks\PenWes
2015-05-31 10:32 - 2015-05-31 10:32 - 00613255 _____ (CMI Limited) C:\Users\Martin\AppData\Local\nshAC93.tmp
2015-05-31 10:23 - 2015-05-31 10:23 - 00613255 _____ (CMI Limited) C:\Users\Martin\AppData\Local\nsj9474.tmp
2015-02-02 15:03 - 2015-02-02 15:03 - 0234679 _____ () C:\Users\Martin\AppData\Local\dsi1.dat
2015-02-02 15:03 - 2015-02-02 15:03 - 0161916 _____ () C:\Users\Martin\AppData\Local\dsi2.dat
C:\ProgramData\pclunst.exe
C:\Users\Martin\AppData\Local\Temp\015b92c584474851b3d0c0048444be21757607.exe
C:\Users\Martin\AppData\Local\Temp\146.exe
C:\Users\Martin\AppData\Local\Temp\3504.exe
C:\Users\Martin\AppData\Local\Temp\6266.exe
C:\Users\Martin\AppData\Local\Temp\9607.exe
C:\Users\Martin\AppData\Local\Temp\beddedabca.exe
C:\Users\Martin\AppData\Local\Temp\beddeeajca.exe
C:\Users\Martin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphwuu9g.dll
C:\Users\Martin\AppData\Local\Temp\ec42372d2f25408db19d5f7dd0ebadce214626.exe
C:\Users\Martin\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\Martin\AppData\Local\Temp\Quarantine.exe
C:\Users\Martin\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Martin\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Martin\AppData\Local\Temp\rwe589A.exe
C:\Users\Martin\AppData\Local\Temp\sdf55CD.exe
C:\Users\Martin\AppData\Local\Temp\sdf5CDF.exe
C:\Users\Martin\AppData\Local\Temp\sdf7A1F.exe
C:\Users\Martin\AppData\Local\Temp\sdf7F9B.exe
C:\Users\Martin\AppData\Local\Temp\sqlite3.dll
C:\Users\Martin\AppData\Local\Temp\Uninstall.exe
Task: {25F94960-0A44-4C8C-A277-23F70797D760} - System32\Tasks\avabvbavad => C:\Users\Martin\AppData\Local\avabvbavad\avabvbavad.exe [2015-06-03] () <==== ATTENTION
Task: {3AE4CBE6-5548-4455-B2AB-9332836EB16E} - System32\Tasks\IWRguGfN => C:\Users\Martin\AppData\Roaming\IWRguGfN.exe [2015-04-20] () <==== ATTENTION
Task: {4C606A6D-4370-43A9-A6F0-77A07A6264DC} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {895A6305-2BD9-481B-8242-A0638E9A8717} - System32\Tasks\NrKnFX2LWaNtMUQ1R => C:\Users\Martin\AppData\Roaming\NrKnFX2LWaNtMUQ1R.exe [2015-04-20] () <==== ATTENTION
Task: {91A78045-D665-41AA-B56D-410711198B9E} - System32\Tasks\dr5IDtjoEplwtqvaSEyamOg => C:\Users\Martin\AppData\Roaming\dr5IDtjoEplwtqvaSEyamOg.exe [2015-04-20] () <==== ATTENTION
Task: {9CFABA5C-8C3B-40E3-84B1-8C7C8CE4E941} - System32\Tasks\{88C35386-BC94-44CF-896B-1D9FBB68F0DD} => pcalua.exe -a C:\Users\Martin\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=slb2
Task: {9D3B98FC-DE9D-4718-9E33-A1F61A147A42} - System32\Tasks\3FGKuww0 => C:\Users\Martin\AppData\Roaming\3FGKuww0.exe [2015-04-20] () <==== ATTENTION
Task: {A641362E-5DB5-4D94-806A-AFC568E3B218} - System32\Tasks\Vwwbr5x2h => C:\Users\Martin\AppData\Roaming\Vwwbr5x2h.exe [2015-04-20] () <==== ATTENTION
Task: {BE48E7D0-38D0-43F2-9BEA-241578AE2852} - System32\Tasks\mHfWmK8A => C:\Users\Martin\AppData\Roaming\mHfWmK8A.exe [2015-04-20] () <==== ATTENTION
Task: {C6973C6C-4DB6-4116-AA84-A7FDB9AAFE91} - System32\Tasks\3xj8Gj2e => C:\Users\Martin\AppData\Roaming\3xj8Gj2e.exe [2015-04-20] () <==== ATTENTION
Task: {CB665424-F5C0-48AE-8CF1-71A9D406F32A} - System32\Tasks\PenWes => C:\Program Files (x86)\PenWes\dnshelper.exe <==== ATTENTION
Task: {D57CFBF4-7B6C-47C6-887E-DD29BB28CFBE} - System32\Tasks\gz3vO2iZse39FCzq9B => C:\Users\Martin\AppData\Roaming\gz3vO2iZse39FCzq9B.exe [2015-04-20] () <==== ATTENTION
Task: {E70C198A-5C75-4A7D-907C-D71B9934C18D} - System32\Tasks\TakAm52o => C:\Users\Martin\AppData\Roaming\TakAm52o.exe [2015-04-20] () <==== ATTENTION
Task: C:\Windows\Tasks\3FGKuww0.job => C:\Users\Martin\AppData\Roaming\3FGKuww0.exe <==== ATTENTION
Task: C:\Windows\Tasks\3xj8Gj2e.job => C:\Users\Martin\AppData\Roaming\3xj8Gj2e.exe <==== ATTENTION
Task: C:\Windows\Tasks\dr5IDtjoEplwtqvaSEyamOg.job => C:\Users\Martin\AppData\Roaming\dr5IDtjoEplwtqvaSEyamOg.exe <==== ATTENTION
Task: C:\Windows\Tasks\gz3vO2iZse39FCzq9B.job => C:\Users\Martin\AppData\Roaming\gz3vO2iZse39FCzq9B.exe <==== ATTENTION
Task: C:\Windows\Tasks\IWRguGfN.job => C:\Users\Martin\AppData\Roaming\IWRguGfN.exe <==== ATTENTION
Task: C:\Windows\Tasks\mHfWmK8A.job => C:\Users\Martin\AppData\Roaming\mHfWmK8A.exe <==== ATTENTION
Task: C:\Windows\Tasks\NrKnFX2LWaNtMUQ1R.job => C:\Users\Martin\AppData\Roaming\NrKnFX2LWaNtMUQ1R.exe <==== ATTENTION
Task: C:\Windows\Tasks\PYdo5J1d2YFgaGwWqclhKh.job => C:\Users\Martin\AppData\Roaming\PYdo5J1d2YFgaGwWqclhKh.exe <==== ATTENTION
Task: C:\Windows\Tasks\TakAm52o.job => C:\Users\Martin\AppData\Roaming\TakAm52o.exe <==== ATTENTION
Task: C:\Windows\Tasks\Vwwbr5x2h.job => C:\Users\Martin\AppData\Roaming\Vwwbr5x2h.exe <==== ATTENTION
2015-06-07 17:04 - 2015-06-07 17:04 - 01240560 _____ () C:\ProgramData\oBNxidNy\dat\ahPQXVx.dll
C:\ProgramData\oBNxidNy\dat\ahPQXVx.dll
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: RegistryBooster => "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: SpeedUpMyPC => "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000
FirewallRules: [{A58D3DEE-C8A9-4892-9038-E28ECC02CDEE}] => (Allow) C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe
FirewallRules: [{689A7123-663F-4311-A6DC-12B6AC1A4355}] => (Allow) C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe
FirewallRules: [{92A88D97-1E70-48B2-88D0-52A6F12AD5CE}] => (Allow) C:\Program Files (x86)\PenWes\dnshelper.exe
FirewallRules: [{169CF114-4D76-4A60-A1FE-05CEB3BAD01B}] => (Allow) C:\Program Files (x86)\PenWes\dnshelper.exe
FirewallRules: [{97F4BC6E-A006-4B25-977D-801981A43C81}] => (Allow) C:\Program Files (x86)\PenWes\dnsservice.exe
FirewallRules: [{948C2129-920B-4154-9684-B0F6FF768A90}] => (Allow) C:\Program Files (x86)\PenWes\dnsservice.exe


EmptyTemp:
end
