Rapport-OTL.txt

Document joint : EHAqjVfrvLg_Rapport-OTL.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþ:OTL
PRC - C:\Program Files\Picexa\PicexaSvc.exe (Taiwan Shui Mu Chih Ching Technology Limited)
SRV - (PicexaService) -- C:\Program Files\Picexa\PicexaSvc.exe (Taiwan Shui Mu Chih Ching Technology Limited)
[2015/08/06 10:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\Picexa
[2015/07/15 07:58:33 | 001,433,712 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited) -- C:\Users\hp\AppData\Local\Temp\st3EB3.tmp\Picexa.exe
[2015/08/05 13:27:48 | 000,705,672 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited) -- C:\Users\hp\AppData\Local\Temp\st3EB3.tmp\PicexaSvc.exe
[2015/06/09 07:39:16 | 001,467,032 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited) -- C:\Users\hp\AppData\Local\Temp\st884F.tmp\Picexa.exe
[2015/06/10 12:51:33 | 000,393,880 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited) -- C:\Users\hp\AppData\Local\Temp\st884F.tmp\PicexaSvc.exe
[2015/05/20 09:26:22 | 000,426,648 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited) -- C:\Users\hp\AppData\Local\Temp\stD5E.tmp\Picexa.exe
[2015/05/20 09:26:26 | 000,393,880 | ---- | M] (Taiwan Shui Mu Chih Ching Technology Limited) -- C:\Users\hp\AppData\Local\Temp\stD5E.tmp\PicexaSvc.exe
[2015/06/11 22:39:29 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Picexa Viewer
[2015/06/11 22:39:31 | 000,322,560 | ---- | M] () -- C:\Users\hp\AppData\Roaming\Picexa Viewer\update\px_update_v2.1.38.exe
[2015/08/06 10:45:27 | 000,412,672 | ---- | M] (sewgrfdt) -- C:\Users\hp\AppData\Roaming\Picexa Viewer\update\px_update_v2.1.52.exe
PRC - C:\Program Files\Elex-tech\YAC\iSafeTray.exe (Elex do Brasil Participações Ltda)
PRC - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda)
PRC - C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe (Elex do Brasil Participações Ltda)
MOD - C:\Program Files\Elex-tech\YAC\zlib1.dll ()
MOD - C:\Program Files\Elex-tech\YAC\libpng.dll ()
SRV - (iSafeService) -- C:\Program Files\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnl) -- C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnlKit) -- C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnlBoot) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnlMon) -- C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeKrnlR3) -- C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys (Elex do Brasil Participações Ltda)
DRV - (iSafeNetFilter) -- C:\Windows\System32\Drivers\iSafeNetFilter.sys (Elex do Brasil Participações Ltda)
[2015/06/11 22:40:38 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Roaming\Elex-tech
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.istartsurf.com/web/?type=ds&ts=1427736597&from=pcs&uid=ST9500420AS_5VJEMEQ0XXXX5VJEMEQ0&q={searchTerms}
IE - HKLM\..\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}: "URL" = http://www.v9.com/web?type=ds&ts=1439365432&from=zzgbkk123&uid=st9500420as_5vjemeq0xxxx5vjemeq0&z=76be306a15eb2a4de98d6d4g4z4c5tdc6qfw8zdc8q&q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {425ED333-6083-428a-92C9-0CFC28B9D1BF}
IE - HKCU\..\SearchScopes,DefaultScope = {425ED333-6083-428a-92C9-0CFC28B9D1BF}
IE - HKCU\..\SearchScopes\${searchCLSID}: "URL" = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}: "URL" = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}: "URL" = http://www.v9.com/web?type=ds&ts=1439365432&from=zzgbkk123&uid=st9500420as_5vjemeq0xxxx5vjemeq0&z=76be306a15eb2a4de98d6d4g4z4c5tdc6qfw8zdc8q&q={searchTerms}
IE - HKCU\..\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}: "URL" = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
IE - HKCU\..\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}: "URL" = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "delta-homes"
FF - prefs.js..browser.search.searchengine.alias: "delta-homes"
FF - prefs.js..browser.search.searchengine.iconURL: "http://search.delta-homes.com/favicon.ico"
FF - prefs.js..browser.search.searchengine.name: "delta-homes"
FF - prefs.js..browser.search.searchengine.url: "http://search.delta-homes.com/web/?type=ds&ts=1436990235&z=354ac3539f522ed42856773gaz5cbqdtatbefoec4t&from=wpm07153&uid=ST9500420AS_5VJEMEQ0XXXX5VJEMEQ0&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "delta-homes"
[2015/08/25 23:12:21 | 000,002,185 | ---- | M] () -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\yzp2k4qi.default-1367515792248\searchplugins\delta-homes.xml
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.istartsurf.com/web/?type=ds&ts=1427736597&from=pcs&uid=ST9500420AS_5VJEMEQ0XXXX5VJEMEQ0&q={searchTerms}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\istart_ffnt@gmail.com: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\yzp2k4qi.default-1367515792248\extensions\istart_ffnt@gmail.com [2015/03/30 19:30:10 | 000,000,000 | ---D | M]
[2015/03/30 19:30:10 | 000,000,000 | ---D | M] ("Fast Start") -- C:\Users\hp\AppData\Roaming\mozilla\Firefox\Profiles\yzp2k4qi.default-1367515792248\extensions\istart_ffnt@gmail.com
[2015/04/11 21:50:35 | 000,002,068 | ---- | M] () -- C:\Users\hp\AppData\Roaming\mozilla\firefox\profiles\yzp2k4qi.default-1367515792248\searchplugins\istartsurf.xml
[2012/09/02 14:51:08 | 000,867,480 | ---- | C] (Babylon Ltd.) -- C:\Users\hp\AppData\Local\BabylonToolbar.exe
[2015/03/30 19:34:45 | 000,000,000 | ---D | M] -- C:\Users\hp\AppData\Local\Boxore

:reg
[-HKEY_LOCAL_MACHINE\software\Picexa]
[-HKEY_LOCAL_MACHINE\software\PicexaSvc]
[-HKEY_LOCAL_MACHINE\software\Elex-tech]
[-HKEY_LOCAL_MACHINE\software\delta-homesSoftware]
[-HKEY_LOCAL_MACHINE\software\istartsurfSoftware]
[-HKEY_LOCAL_MACHINE\software\Boxore]
[-HKEY_CURRENT_USER\software\Boxore]

:Commands
[emptytemp]

Signaler le contenu de ce document