cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-3010815714-994068555-4249506564-1002\...\Run: [uTorrent] => C:\Users\Alban\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-3010815714-994068555-4249506564-1002\...\MountPoints2: {2eb216c6-1ed6-11e4-beef-08606e8c2c29} - "F:\setup.exe"
HKU\S-1-5-21-3010815714-994068555-4249506564-1002\...\MountPoints2: {b375a66e-c48f-11e3-824f-806e6f6e6963} - "E:\Launch.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3010815714-994068555-4249506564-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_clu_15_18¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EzyzyyDtB0EtBtDyB0DyEtN0D0Tzu0StCtBtCtAtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCtCzzyEtCzztB0DtGyBtAtDtDtGyByEtCyEtG0F0A0EtDtGyD0EyEtCyB0D0DtAyD0Dzyzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtD0B0EzytAyCtBtGzytCtDtDtGyEyC0BtDtGzy0DyCyEtG0EyE0AtC0EyCtDyE0BtCzyzy2QtN0A0LzutB%26cr%3D1912417554%26a%3Dwny_clu_15_18%26os%3DWindows 8.1
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3010815714-994068555-4249506564-1002 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_clu_15_18¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EzyzyyDtB0EtBtDyB0DyEtN0D0Tzu0StCtBtCtAtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCtCzzyEtCzztB0DtGyBtAtDtDtGyByEtCyEtG0F0A0EtDtGyD0EyEtCyB0D0DtAyD0Dzyzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtD0B0EzytAyCtBtGzytCtDtDtGyEyC0BtDtGzy0DyCyEtG0EyE0AtC0EyCtDyE0BtCzyzy2QtN0A0LzutB%26cr%3D1912417554%26a%3Dwny_clu_15_18%26os%3DWindows 8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3010815714-994068555-4249506564-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3010815714-994068555-4249506564-1002 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_clu_15_18¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EzyzyyDtB0EtBtDyB0DyEtN0D0Tzu0StCtBtCtAtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyCtCzzyEtCzztB0DtGyBtAtDtDtGyByEtCyEtG0F0A0EtDtGyD0EyEtCyB0D0DtAyD0Dzyzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtD0B0EzytAyCtBtGzytCtDtDtGyEyC0BtDtGzy0DyCyEtG0EyE0AtC0EyCtDyE0BtCzyzy2QtN0A0LzutB%26cr%3D1912417554%26a%3Dwny_clu_15_18%26os%3DWindows 8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3010815714-994068555-4249506564-1002 -> {B3B10BD5-8C07-4621-AF30-E8A377955841} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3285358&CUI=UN34521787432784724&UM=2
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-03]
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
C:\Users\Alban\X3DAudio1_7.dll
C:\ProgramData\SetStretch.exe
Task: {AD1CFACB-06C6-487C-81DE-F47F16EE3F0C} - \avayvxvaxc No Task File <==== ATTENTION
Task: {B2B57CF3-F443-44D2-9FA5-D1351F2CB7C5} - System32\Tasks\{473FFF55-6CA6-4F62-A005-D292E6DDFBF6} => pcalua.exe -a E:\autorun.exe -d C:\Users\Alban\Desktop
Task: {D7367D7F-1ECC-4A55-944A-F1B4B4E04CB5} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
FirewallRules: [{FADFBF82-CC2C-40B2-99EB-1AF88F05ABE9}] => (Allow) C:\Users\Alban\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{93CE7934-C141-4674-87B6-2E6218A3CB1E}] => (Allow) C:\Users\Alban\AppData\Roaming\uTorrent\uTorrent.exe



EmptyTemp:
end

Publicité


Signaler le contenu de ce document

Publicité