cjoint

Document format: text/plain

Preview

# AdwCleaner v5.019 - Logfile created 12/11/2015 at 13:41:54
# Updated 08/11/2015 by Xplode
# Database : 2015-11-09.1 [Server]
# Operating system : Windows 7 Professional (x64)
# Username : mohamed - MOHAMED-PC
# Running from : C:\Users\mohamed\Desktop\adwcleaner_5.019.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : QQPCRTP
Service Found : TAOAccelerator
Service Found : TSDefenseBt
Service Found : TSSysKit
Service Found : QMUdisk
Service Found : TS888x64
Service Found : QQSysMonX64
Service Found : TSCPM
Service Found : TFsFlt
Service Found : TAOFrame
Service Found : TAOKernelDriver
Service Found : TSSKX64
Service Found : ihpmServer

***** [ Folders ] *****

Folder Found : C:\IQIYI Video
Folder Found : C:\Program Files (x86)\tencent
Folder Found : C:\Program Files (x86)\RayDld
Folder Found : C:\Program Files (x86)\CinemaP-1.9cV09.11
Folder Found : C:\Program Files (x86)\Common Files\tencent
Folder Found : C:\Program Files\Common Files\tencent
Folder Found : C:\ProgramData\IQIYI Video
Folder Found : C:\ProgramData\tencent
Folder Found : C:\ProgramData\TXQMPC
Folder Found : C:\Users\mohamed\AppData\Local\globalUpdate
Folder Found : C:\Users\mohamed\AppData\Local\SysassistByHotWheel
Folder Found : C:\Users\mohamed\AppData\Local\Temp\tencent
Folder Found : C:\Users\mohamed\AppData\Roaming\IQIYI Video
Folder Found : C:\Users\mohamed\AppData\Roaming\oursurfing
Folder Found : C:\Users\mohamed\AppData\Roaming\tencent
Folder Found : C:\Users\mohamed\AppData\Roaming\ppslog
Folder Found : C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent

***** [ Files ] *****

File Found : C:\Users\mohamed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\????.lnk
File Found : C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????\????\????.lnk
File Found : C:\Users\mohamed\Desktop\PPS????.lnk
File Found : C:\Users\mohamed\Desktop\????.lnk
File Found : C:\Windows\SysNative\drivers\TAOAccelerator64.sys
File Found : C:\Windows\SysNative\drivers\TSSKX64.sys
File Found : C:\Windows\SysNative\drivers\TAOKernel64.sys
File Found : C:\Windows\SysNative\drivers\TFsFltX64.sys
File Found : C:\Windows\SysWOW64\drivers\TsFltMgr.sys
File Found : C:\Windows\SysWOW64\drivers\TS888x64.sys

***** [ DLL ] *****


***** [ Shortcuts ] *****

Shortcut Infected : C:\Users\mohamed\Desktop\Google Chrome.lnk ( hxxp://www.oursurfing.com/?type=sc&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t )
Shortcut Infected : C:\Users\mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.oursurfing.com/?type=sc&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t )
Shortcut Infected : C:\Users\mohamed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.oursurfing.com/?type=sc&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t )
Shortcut Infected : C:\Users\mohamed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.oursurfing.com/?type=sc&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t )

***** [ Scheduled tasks ] *****

Task Found : amiupdaterExd
Task Found : amiupdaterExi

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found : HKLM\SOFTWARE\CLASSES\METNSD
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Key Found : HKCU\Software\MozillaPlugins\@iqiyi.com/npWebPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npWebPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npclient
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [HCDNClient]
Key Found : HKLM\SOFTWARE\Classes\qygameclient
Key Found : HKLM\SOFTWARE\Classes\HCDNProxy
Key Found : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PPStream.exe
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ QQPCTray]
Key Found : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{307B3CDB-9EE3-4137-9D18-F9AD6537ECEB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CF3CDEFB-31BE-43AE-B064-B9C62C883259}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B6360BD3-5CD0-40D3-BD87-DAFF37889F50}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E1D75F62-CBBD-45C7-9D1D-6B5ECEC2E006}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6BE0FB-8B18-4DFC-959F-233651CC4D7F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\YorkNewCin
Key Found : HKCU\Software\HighDefAction
Key Found : HKCU\Software\ArenaHD
Key Found : HKCU\Software\QyGameClient
Key Found : HKCU\Software\PPStream
Key Found : HKCU\Software\CinemaP-1.9cV09.11-nv-ie
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\QiYi
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\YorkNewCin
Key Found : HKLM\SOFTWARE\HighDefAction
Key Found : HKLM\SOFTWARE\oursurfingSoftware
Key Found : HKLM\SOFTWARE\ArenaHD
Key Found : HKLM\SOFTWARE\RayDld
Key Found : HKLM\SOFTWARE\ihpmserver
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IQIYI Video
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PPStream
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing
Key Found : [x64] HKLM\SOFTWARE\YorkNewCin
Key Found : [x64] HKLM\SOFTWARE\HighDefAction
Key Found : [x64] HKLM\SOFTWARE\ArenaHD
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.hao123.com/?tn=92280131_hao_pg
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.oursurfing.com/?type=hp&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=ds&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t&q={searchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.oursurfing.com/?type=hp&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.hao123.com/?tn=92280131_hao_pg
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.oursurfing.com/web/?type=ds&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t&q={searchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab] - hxxp://guanjia.qq.com/comm-htdocs/quickaccess/
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=ds&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t&q={searchTerms}
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.oursurfing.com/?type=hp&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.oursurfing.com/?type=hp&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.oursurfing.com/web/?type=ds&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t&q={searchTerms}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {33BB0A4E-99AF-4226-BDF6-49120163DE86}

***** [ Web browsers ] *****

[C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://www.oursurfing.com/?type=hp&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t
[C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxp://www.oursurfing.com/web/?type=ds&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t&q={searchTerms}
[C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ooebklgpfnbcnpokahmdidgbmlcdepkm
[C:\Users\mohamed\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.oursurfing.com/?type=hp&ts=1447286580&z=17b2ff4f0cf88b457a1e247g8zbzdm1oebbq8w7b6e&from=amt&uid=toshibaxmq01abd100_74jnt1r5txx74jnt1r5t

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [13081 bytes] ##########
