cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

start
CloseProcesses:
CreateRestorePoint:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd0101&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtD0FyByC0BtB0E0F0CtBtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=177403784&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3543433309-3597804886-3877114459-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3543433309-3597804886-3877114459-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3543433309-3597804886-3877114459-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {6D074E0D-93AF-374B-15E9-0B3E05B40996} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtD0FyByC0BtB0E0F0CtBtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=177403784&ir=
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_tele_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtD0FyByC0BtB0E0F0CtBtN0D0Tzu0SzyyDtBtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0FyByB0F0FtCyBtGyE0ByEtDtGtCyCtC0FtGtA0FtDyEtGyE0CtA0FyByD0EyDtB0AyC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0DtC0A0FzyyBtDtG0FtAyDtDtGtB0CtDyDtG0B0B0AtCtGyCyD0EyDtD0F0FyDzy0A0DtD2Q&cr=561363745&ir=
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {6D074E0D-93AF-374B-15E9-0B3E05B40996} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtD0FyByC0BtB0E0F0CtBtN0D0Tzu0CyCyCzztN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu2Z1P1I1P1H1B1Q&cr=1729122077&ir=
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3543433309-3597804886-3877114459-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3543433309-3597804886-3877114459-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0101&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtD0FyByC0BtB0E0F0CtBtN0D0Tzu0SyBtAyCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=177403784&ir=
SearchScopes: HKU\S-1-5-21-3543433309-3597804886-3877114459-1000 -> {444889E0-2F1D-5138-C754-23EF83D71CC9} URL =
SearchScopes: HKU\S-1-5-21-3543433309-3597804886-3877114459-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_tele_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtD0FyByC0BtB0E0F0CtBtN0D0Tzu0SzyyDtBtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0FyByB0F0FtCyBtGyE0ByEtDtGtCyCtC0FtGtA0FtDyEtGyE0CtA0FyByD0EyDtB0AyC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0DtC0A0FzyyBtDtG0FtAyDtDtGtB0CtDyDtG0B0B0AtCtGyCyD0EyDtD0F0FyDzy0A0DtD2Q&cr=561363745&ir=
SearchScopes: HKU\S-1-5-21-3543433309-3597804886-3877114459-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Toolbar: HKLM - Pas de nom - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF SearchPlugin: C:\Users\Neochris\AppData\Roaming\Mozilla\Firefox\Profiles\kzlni9ol.default\searchplugins\Astromenda.xml [2014-08-09]
FF SearchPlugin: C:\Users\Neochris\AppData\Roaming\Mozilla\Firefox\Profiles\kzlni9ol.default\searchplugins\Mysearchdial.xml [2014-02-10]
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_tele_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtD0FyByC0BtB0E0F0CtBtN0D0Tzu0SzyyDtBtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0FyByB0F0FtCyBtGyE0ByEtDtGtCyCtC0FtGtA0FtDyEtGyE0CtA0FyByD0EyDtB0AyC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0DtC0A0FzyyBtDtG0FtAyDtDtGtB0CtDyDtG0B0B0AtCtGyCyD0EyDtD0F0FyDzy0A0DtD2Q&cr=561363745&ir=
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_tele_14_50_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtD0FyByC0BtB0E0F0CtBtN0D0Tzu0SzyyDtBtN1L2XzutBtFtBtCtFtCzztFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0FyByB0F0FtCyBtGyE0ByEtDtGtCyCtC0FtGtA0FtDyEtGyE0CtA0FyByD0EyDtB0AyC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0DtC0A0FzyyBtDtG0FtAyDtDtGtB0CtDyDtG0B0B0AtCtGyCyD0EyDtD0F0FyDzy0A0DtD2Q&cr=561363745&ir="
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Neochris\AppData\Local\mysearchdial-speeddial.crx [2013-10-30]
CHR HKU\S-1-5-21-3543433309-3597804886-3877114459-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iibmmjhgclhlahmjniokmhleigemjpbh] - C:\Users\Neochris\AppData\Local\CRE\iibmmjhgclhlahmjniokmhleigemjpbh.crx
CHR HKU\S-1-5-21-3543433309-3597804886-3877114459-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Neochris\AppData\Local\mysearchdial-speeddial.crx [2013-10-30]
CHR HKLM-x32\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - C:\Users\Neochris\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx
CHR HKLM-x32\...\Chrome\Extension: [iibmmjhgclhlahmjniokmhleigemjpbh] - C:\Users\Neochris\AppData\Local\CRE\iibmmjhgclhlahmjniokmhleigemjpbh.crx
CHR HKLM-x32\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - C:\Users\Neochris\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Neochris\AppData\Local\mysearchdial-speeddial.crx [2013-10-30]
2015-09-23 08:38 - 2015-09-23 08:38 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-09-23 08:56 - 2011-06-17 10:35 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-06 10:17 - 2014-08-24 16:43 - 0000115 _____ () C:\Users\Neochris\AppData\Roaming\WB.CFG
2013-10-30 09:10 - 2014-01-06 09:17 - 0351124 _____ () C:\Users\Neochris\AppData\Local\mysearchdial-speeddial.crx
Task: {C95EE4D7-325E-439D-AA2D-41536A68D5DE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-10-07] ()
Task: {F7B098EF-0CBF-4689-8CC6-190D7EB7E24A} - \DealPlyUpdate -> Pas de fichier <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe



EmptyTemp:
end

Publicité


Signaler le contenu de ce document

Publicité