cjoint

Document format: text/plain


start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [Windesk Winsearch] => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe
HKLM\...\Run: [gpuminer] => C:\Users\Youndes\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
GroupPolicy: Stratégie de groupe sur Chrome détecté(e) <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Stratégie de restriction <======= ATTENTION
HKU\S-1-5-21-191571300-714251185-475189240-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Stratégie de restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_cmi_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0B0EyEyCtAyDyDzz0AtN0D0Tzu0StCtAtBzytN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StDtD0E0F0CzzyEtAtGyByEyD0AtG0FtCtAyEtGtB0DtAzytGtDyE0E0AyEtA0F0AtDtBzyyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDtAyBtByCtDzytGtC0F0F0DtGyEyC0BtAtG0B0C0E0AtGzztBtB0F0F0E0A0EyDzz0F0F2QtN0A0LzutB%26cr%3D63536579%26a%3Dwncy_cmi_15_34%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=0d3e5486-c2f3-4988-892d-d91256bdcae0&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-191571300-714251185-475189240-1000 -> DefaultScope {EFFE211F-705E-415D-ACAB-477CC0B5B6DE} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_cmi_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0B0EyEyCtAyDyDzz0AtN0D0Tzu0StCtAtBzytN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyC0C0E0D0A0DzyyBtGtDtCyD0AtGzzyE0AyDtGtByCyC0BtGyCzz0EyCtBtCyCzztBzzzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDtAyBtByCtDzytGtC0F0F0DtGyEyC0BtAtG0B0C0E0AtGzztBtB0F0F0E0A0EyDzz0F0F2QtN0A0LzutB%26cr%3D317627712%26a%3Dwncy_cmi_15_34%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-191571300-714251185-475189240-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.iminent.com/?appId=0d3e5486-c2f3-4988-892d-d91256bdcae0&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-191571300-714251185-475189240-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
SearchScopes: HKU\S-1-5-21-191571300-714251185-475189240-1000 -> {EFFE211F-705E-415D-ACAB-477CC0B5B6DE} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_cmi_15_34&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0B0EyEyCtAyDyDzz0AtN0D0Tzu0StCtAtBzytN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyC0C0E0D0A0DzyyBtGtDtCyD0AtGzzyE0AyDtGtByCyC0BtGyCzz0EyCtBtCyCzztBzzzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByDtAyBtByCtDzytGtC0F0F0DtGyEyC0BtAtG0B0C0E0AtGzztBtB0F0F0E0A0EyDzz0F0F2QtN0A0LzutB%26cr%3D317627712%26a%3Dwncy_cmi_15_34%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO-x32: Fortunitas -> {0df469bd-3f78-4f4e-bb44-08194c50fcea} -> C:\Program Files (x86)\Fortunitas\Fortunitasbho.dll Pas de fichier
FF SelectedSearchEngine: StartWeb
FF Extension: winservice86 - C:\Users\Youndes\AppData\Roaming\Mozilla\Firefox\Profiles\uw6k9jxq.default\Extensions\taylorralston@hotmail.com [2015-02-24]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [irobinhood@irobinhood.org] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\irobinhood@irobinhood.org.xpi
CHR HKLM-x32\...\Chrome\Extension: [gfkbfjcbkhnmiignagpkiijohkcdkffb] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jlceijfdfeghdhmmbhbcffanmcggoojf] - https://clients2.google.com/service/update2/crx
S2 Util Deal Keeper; "C:\Program Files (x86)\Deal Keeper\bin\utilDealKeeper.exe" [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Youndes\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 hjlkfdajklfed3dfa; \??\C:\Program Files (x86)\SupTab\cfgdrv64.cfg [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2015-08-23 01:20 - 2015-08-23 01:20 - 00002970 _____ C:\Windows\System32\Tasks\PenWes
2015-08-23 01:08 - 2015-08-23 01:08 - 00000000 ____D C:\Users\Default\AppData\Local\Boxore
2015-08-23 01:08 - 2015-08-23 01:08 - 00000000 ____D C:\Users\Default User\AppData\Local\Boxore
2015-08-23 03:53 - 2014-01-13 22:34 - 00000295 _____ C:\Users\Youndes\AppData\Roaming\WB.CFG
2015-08-04 15:39 - 2015-06-22 17:26 - 00000024 _____ C:\Users\Youndes\AppData\Roaming\appdataFr25.bin
2014-12-02 14:09 - 2014-12-17 01:09 - 0000001 _____ () C:\Users\Youndes\AppData\Local\DSI.DAT
Task: {046E8970-EEB8-456F-A306-F124E63AEE32} - \MediaPlayerEnhance-enabler -> Pas de fichier <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Pas de fichier <==== ATTENTION
Task: {47B552C0-C613-4F0C-9EF0-EFEE50B9DC42} - System32\Tasks\cinemaplus-3.3c_notification_service => C:\Program Files (x86)\CinemaPlus-3.3c\cinemaplus-3.3c_notification_service.exe <==== ATTENTION
Task: {4F050C71-1B00-431D-A96E-B47C5F877AF7} - System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE => C:\Users\Youndes\AppData\Roaming\~xpkcdds.exe
Task: {5116BDC8-7CE4-4703-B95E-4BBAB8DC243B} - \9c909b29-61bc-4557-aa05-715b91ed6aab-11 -> Pas de fichier <==== ATTENTION
Task: {5A225B05-8AE9-498F-8080-D4852F82FAD3} - \9c909b29-61bc-4557-aa05-715b91ed6aab-6 -> Pas de fichier <==== ATTENTION
Task: {64FB86D7-0434-493A-B657-983D49863C52} - System32\Tasks\WIN-statsAdmin => C:\Users\Youndes\AppData\Local\Microsoft\WinU\~rwptsjz.exe <==== ATTENTION
Task: {67D37D03-628A-4A37-917B-0D9EC90FAF99} - \Deeal_fr 0.2-codedownloader -> Pas de fichier <==== ATTENTION
Task: {6F5AEFE8-557A-4219-A609-D4559DE1BBED} - \Deeal_fr 0.2-updater -> Pas de fichier <==== ATTENTION
Task: {80819D68-1062-4EFC-936E-CD14D894147E} - \Browser Updater\Browser Updater -> Pas de fichier <==== ATTENTION
Task: {87E8D413-59AB-4F7C-9B3A-AF5856F8B6A4} - \Deeal_fr 0.2-enabler -> Pas de fichier <==== ATTENTION
Task: {88B2A201-9BD2-4C48-BB1F-593DB8B2E2D1} - \9c909b29-61bc-4557-aa05-715b91ed6aab-3 -> Pas de fichier <==== ATTENTION
Task: {A54A62E1-8BD0-4A77-8144-6D2C105ABD9B} - \SpyHunter4Startup -> Pas de fichier <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Pas de fichier <==== ATTENTION
Task: {B5093665-054D-46CA-A32F-0E2C6BDEDED0} - \MediaPlayerEnhance-codedownloader -> Pas de fichier <==== ATTENTION
Task: {BAA0B809-B2C0-420F-8D06-69822641E55E} - \9c909b29-61bc-4557-aa05-715b91ed6aab-1 -> Pas de fichier <==== ATTENTION
Task: {C11C09E4-3AE2-4662-95C1-27E8807541F4} - \MediaPlayerEnhance-updater -> Pas de fichier <==== ATTENTION
Task: {C4749BAE-6F7B-4D32-81A5-5662737B4D01} - System32\Tasks\cinemaplus-3.3c_updating_service => C:\Program Files (x86)\CinemaPlus-3.3c\cinemaplus-3.3c_updating_service.exe <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Pas de fichier <==== ATTENTION
Task: {DB0EA5A1-3A33-4392-A75F-AAB0C9815B03} - \9c909b29-61bc-4557-aa05-715b91ed6aab-4 -> Pas de fichier <==== ATTENTION
Task: {DB2C506A-788F-494E-AB8A-539D8C00CC99} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Pas de fichier <==== ATTENTION
Task: {E1759C48-A359-440B-B178-B5060CA31629} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WBrowserDirect.exe <==== ATTENTION
Task: {E536486C-2847-44FE-B2DE-D2D8DC9DDEDA} - \ProtectedSearch\Protected Search -> Pas de fichier <==== ATTENTION
Task: {E604E5EC-A8F6-43AC-9841-E20E296E8D97} - \9c909b29-61bc-4557-aa05-715b91ed6aab-5 -> Pas de fichier <==== ATTENTION
Task: {E9EBB74F-87DF-415B-A22F-7022579047F9} - \9c909b29-61bc-4557-aa05-715b91ed6aab-2 -> Pas de fichier <==== ATTENTION
Task: {EA858536-E1CA-4041-8DDD-AD6E2F49BEA8} - \9c909b29-61bc-4557-aa05-715b91ed6aab-7 -> Pas de fichier <==== ATTENTION
Task: {F870855E-F910-4F7F-879C-B4CC732A36F4} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Pas de fichier <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Pas de fichier <==== ATTENTION
Task: {FF074F65-3498-4870-BF53-00AED1F13F98} - System32\Tasks\PenWes => C:\Program Files (x86)\PenWes\dnshelper.exe <==== ATTENTION
FirewallRules: [TCP Query User{199C06E1-1B94-4FC6-B26A-05F2336AD561}C:\users\youndes\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\youndes\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{FE4827C1-65A8-40E9-A1DB-3F670B7CC9D0}C:\users\youndes\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\youndes\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [{91482C1F-90CB-4EDC-BDC6-07E25E6E3C9E}] => (Block) C:\users\youndes\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [{FCE36331-06B4-415B-B44C-E5FBD844F1A7}] => (Block) C:\users\youndes\appdata\roaming\cacaoweb\cacaoweb.exe


EmptyTemp:
end
