cjoint

Document format: text/plain

Preview

start
CloseProcesses:
Hosts:
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3676107694-902447838-763629229-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3676107694-902447838-763629229-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR DefaultSearchURL: Default -> hxxp://www.oursurfing.com/web/?type=ds&ts=1445922030&z=c11a03ce09b90ffc5e60c6cgaz5z3w1t1ofobe5c8e&from=amt&uid=hitachixhts547575a9e384_j2190020dy6xuddy6xudx&q={searchTerms}
CHR DefaultSearchKeyword: Default -> oursurfing
2015-11-18 15:38 - 2015-11-18 15:38 - 00030799 _____ C:\Users\damien\Downloads\hijackthis.log
2015-11-18 15:37 - 2015-11-18 15:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\damien\Downloads\HijackThis.exe
2015-11-18 15:33 - 2015-11-18 15:33 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\damien\Downloads\SpyHunter-Installer.exe
2015-11-18 15:25 - 2015-11-18 15:25 - 05639131 _____ (Swearware) C:\Users\damien\Downloads\ComboFix.exe
2015-11-18 15:24 - 2015-11-18 15:56 - 00000000 ____D C:\Navilog1
2015-11-18 15:23 - 2015-11-18 15:23 - 00001706 _____ C:\Users\damien\Desktop\Rkill.txt
2015-10-27 16:02 - 2015-10-27 16:02 - 00000000 ____D C:\Program Files (x86)\AKick
2012-08-17 11:52 - 2012-07-30 17:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 11:52 - 2009-07-22 21:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
C:\Users\damien\AppData\Local\Temp\xmlUpdater.exe
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Pas de fichier <==== ATTENTION
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Pas de fichier <==== ATTENTION
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Pas de fichier <==== ATTENTION
Task: {40525C58-79C2-47A1-9AA2-F1D7FC4F0691} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Pas de fichier <==== ATTENTION
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Pas de fichier <==== ATTENTION
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Pas de fichier <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Pas de fichier <==== ATTENTION
HKU\S-1-5-21-3676107694-902447838-763629229-1002\...\StartupApproved\Run: => "cacaoweb"
FirewallRules: [TCP Query User{E3164CE5-AEEE-40F3-95FB-5FAF78D7116E}C:\users\damien\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\damien\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{FEA45F45-E57B-449D-92E1-D2962958E8E0}C:\users\damien\appdata\roaming\cacaoweb\cacaoweb.exe] => (Allow) C:\users\damien\appdata\roaming\cacaoweb\cacaoweb.exe



EmptyTemp:
end
