cjoint

Document format: text/plain

Preview

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
System drive C: has 8 GB () free of 155 GB
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[MD5.2EE46D0268B69DFED15647DD974FE37E] - 11/07/2012 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [357888] ©
[MD5.444D310F8A73A1E4DE5BB650B3708462] - 11/07/2012 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\Syswow64\dnsapi.dll [270336] ©
O23 - Service: Airtop (Airtop) . (...) - C:\ProgramData\Airtop\Airtop.exe
O23 - Service: ApplicationHosting (ApplicationHosting) . (...) - C:\ProgramData\ApplicationHosting\ApplicationHosting.exe
O23 - Service: Dripkix Service (Dripkix) . (.Copyright © 2015 - .) - C:\Program Files\Dripkix\Dripkix.exe
O23 - Service: Rename Outline (gufutoqu) . (...) - C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\knsjC532.tmp
O23 - Service: Add Telephone Line (nyneryxo) . (...) - C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\hnsg5CE7.tmp
O23 - Service: Free Up Joystick (roqenufe) . (...) - C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\jnsb480E.tmp
O23 - Service: SSFK (SSFK) . (.TODO: - TODO: .) - C:\Program Files (x86)\SFK\SSFK.exe {1121D343CEADB8041BAC48B044906C5E105E}
O23 - Service: Update Mgr AssistPoint (Update Mgr AssistPoint) . (...) - C:\Program Files (x86)\Common Files\c716fd70-872c-4aaa-a07f-e248365d7f56\updater.exe (.not file.)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Sysinternals process Explorer - Sysinternals process Explorer.) - C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe {11215BD52CE822E39F61AAE0642B2F566ABD}
O23 - Service: WNetEnhancer Service (WNetEnhancer Service) . (...) - C:\Program Files (x86)\WNetEnhancer\WNetEnhancer Internet Enhancer\663d2e82e7a5dc32e243ab08ac2ec4a6.exe
O23 - Service: Zitenop (Zitenop) . (...) - C:\ProgramData\Zitenop\Zitenop.exe
[MD5.5CB43CAD6E0507ED5363DD352478D408] [APT] [kol3015] (...) -- C:\Program Files (x86)\Fast-Search\kol3015.exe [58701]
[MD5.00000000000000000000000000000000] [APT] [Urecceqm] (...) -- C:\PROGRA~1\GROOVE~1\Okael.bat (.not file.) [0]
[MD5.8643E609F6E5C53EFD9AF59CBBEFEE1D] [APT] [VKCAGRPJFKDHGGAN] (.All rights reserved..) -- C:\ProgramData\Service7609\Service7609.exe [419328]
O39 - APT: VKCAGRPJFKDHGGAN - (.All rights reserved..) -- C:\Windows\Tasks\VKCAGRPJFKDHGGAN.job [344]
O39 - APT: kol3015 - (...) -- C:\Windows\System32\Tasks\kol3015 [3090]
O39 - APT: Urecceqm - (...) -- C:\Windows\System32\Tasks\Urecceqm [3338]
O39 - APT: VKCAGRPJFKDHGGAN - (.All rights reserved..) -- C:\Windows\System32\Tasks\VKCAGRPJFKDHGGAN [3380]
[MD5.63702EE9CBE4347C48FA6F30083D26A2] - (...) -- C:\ProgramData\Airtop\Airtop.exe [401408] [PID.1724]
[MD5.165DA337583D903CEEC988F56F933419] - (...) -- C:\ProgramData\ApplicationHosting\ApplicationHosting.exe [401408] [PID.1928]
[MD5.790AC1BEFFBCC73A7ADD37CF7030E44C] - (.Copyright © 2015 - .) -- C:\Program Files\Dripkix\Dripkix.exe [379904] [PID.2084]
[MD5.71678A862FDBACC1B5A15BE31008306E] - (...) -- C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\hnsg5CE7.tmp [134656] [PID.2432]
[MD5.74752ECD1495E4388CCC3B781E637F91] - (...) -- C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\jnsb480E.tmp [307200] [PID.2556]
[MD5.44D1D137952BE444B2BD998200151DFC] - (.TODO: - TODO: .) -- C:\Program Files (x86)\SFK\SSFK.exe [155280] [PID.2760] {1121D343CEADB8041BAC48B044906C5E105E}
[MD5.4DDF155817D2BF79675B400038A41317] - (...) -- C:\Program Files (x86)\WNetEnhancer\WNetEnhancer Internet Enhancer\663d2e82e7a5dc32e243ab08ac2ec4a6.exe [1457152] [PID.2948]
[MD5.F64E1F680DEEE761AE00D650EC0FB129] - (...) -- C:\Users\Alexis\AppData\Local\gmsd_fr_005010169\upgmsd_fr_005010169.exe [3261616] [PID.4836] {1121659F89D645B84A6361DBAB1CE36D6315}
[MD5.A005676B30AEB3C7703C317D992B193A] - (...) -- C:\Program Files (x86)\rec_en_77\rec_en_77.exe [291648] [PID.3936] {11219EC4C02D1E1878E59FED81CDA1E305F8}
[MD5.A005676B30AEB3C7703C317D992B193A] - (...) -- C:\Program Files (x86)\gmsd_fr_005010169\gmsd_fr_005010169.exe [291648] [PID.4320] {1121659F89D645B84A6361DBAB1CE36D6315}
[MD5.A005676B30AEB3C7703C317D992B193A] - (...) -- C:\ProgramData\Airtop\Airtop.exe [291648] [PID.6276]
[MD5.A005676B30AEB3C7703C317D992B193A] - (...) -- C:\Program Files (x86)\WNetEnhancer\WNetEnhancer Internet Enhancer\7e0e6c165467f226fa2a8f9d6445d9af.exe [291648] [PID.10592]
[MD5.A005676B30AEB3C7703C317D992B193A] - (.Copyright © 2015 - .) -- C:\Program Files\Dripkix\packages\76b17136-be0a-4a59-8a8b-6dca3c97cc4d\Drip.exe [291648] [PID.14572]
[MD5.A005676B30AEB3C7703C317D992B193A] - (...) -- C:\ProgramData\Zitenop\Zitenop.exe [291648] [PID.9696]
[MD5.A005676B30AEB3C7703C317D992B193A] - (...) -- C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\knsjC532.tmp [291648] [PID.16588]
G2 - GCE: Preference [User Data\Default] [fhdcbgmkmfapmaccefgcigficdnphjbn] [{"background":{"scripts":["background.js"]},"conte] {background:{scripts:[background.js]}content_scrip
P2 - EXT FILE: (...) -- C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\searchplugins\findit.xml
P2 - EXT FILE: (...) -- C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\searchplugins\istartpageing.xml
P2 - EXT FILE: (...) -- C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\searchplugins\search-simple.xml
P2 - EXT FILE: (...) -- C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\searchplugins\yahoo.xml
P2 - EXT: (.lightningnewtab.com - Newtab.) -- C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\extensions\deskCutv2@gmail.com
P2 - EXT: (.roc - YahooToolsProtected .) -- C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\extensions\yahooprotected@gmail.com
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByKo5GOPu13rXw155J4OB8oo3_nrI_YPbYytCFQMvqrv5QNdU0j2sjSZdooisThXcRcgUYaWyOaN5DqyNbRFcqYtiw8A0zjNGuJWk93003G8B1-suLT2VAyq6xBHqSp2uzWkn2eJkBUuIoLVNyLfxNC1mvis4
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_byko5gopu13rxw155j4ob8oo3_nri_ypbyytcfqmvqrv5qndu0j2sjszdooisthxcrcguyawyoan5dqdcbztevk9yo_oplzovxeitjg-jalxk8sgq8x5mlsdgtsrv4swri8h3dyautnqleoivqh8ejs0eb78f&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_byko5gopu13rxw155j4ob8oo3_nri_ypbyytcfqmvqrv5qndu0j2sjszdooisthxcrcguyawyoan5dqdcbztevk9yo_oplzovxeitjg-jalxk8sgq8x5mlsdgtsrv4swri8h3dyautnqleoivqh8ejs0eb78f&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_byko5gopu13rxw155j4ob8oo3_nri_ypbyytcfqmvqrv5qndu0j2sjszdooisthxcrcguyawyoan5dqdcbztevk9yo_oplzovxeitjg-jalxk8sgq8x5mlsdgtsrv4swri8h3dyautnqleoivqh8ejs0eb78f&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_byko5gopu13rxw155j4ob8oo3_nri_ypbyytcfqmvqrv5qndu0j2sjszdooisthxcrcguyawyoan5dqdcbztevk9yo_oplzovxeitjg-jalxk8sgq8x5mlsdgtsrv4swri8h3dyautnqleoivqh8ejs0eb78f&q={searchterms}
R1 - HKEY_USERS\S-1-5-21-921229589-2242423223-674013632-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_byko5gopu13rxw155j4ob8oo3_nri_ypbyytcfqmvqrv5qndu0j2sjszdooisthxcrcguyawyoan5dqdcbztevk9yo_oplzovxeitjg-jalxk8sgq8x5mlsdgtsrv4swri8h3dyautnqleoivqh8ejs0eb78f&q={searchterms}
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:52083;https=127.0.0.1:52083
O2 - BHO: CrossriderApp0035497 [64Bits] - {11111111-1111-1111-1111-110311541197} (Orphean)
O2 - BHO: CrossriderApp0048922 [64Bits] - {11111111-1111-1111-1111-110411891122} (Orphean)
O2 - BHO: TrustMediaViewerV1alpha1193 [64Bits] - {30c23909-a0f6-4e68-a6f7-919ff3cfac34} (Orphean)
O4 - HKLM\..\Run: [SpaceSoundPro] C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe (.not file.)
O4 - HKCU\..\Run: [WindApp] C:\Users\Alexis\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.)
O4 - HKCU\..\Run: [Selection Tools] C:\Users\Alexis\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [ospd_us_013010168] (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [rec_en_77] . (...) -- C:\Program Files (x86)\rec_en_77\rec_en_77.exe {11219EC4C02D1E1878E59FED81CDA1E305F8}
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010169] . (...) -- C:\Program Files (x86)\gmsd_fr_005010169\gmsd_fr_005010169.exe {1121659F89D645B84A6361DBAB1CE36D6315}
O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_fr_005010169.exe] . (...) -- C:\Users\Alexis\AppData\Local\gmsd_fr_005010169\upgmsd_fr_005010169.exe {1121659F89D645B84A6361DBAB1CE36D6315}
O4 - HKLM\..\Wow6432Node\RunOnce: [Update] C:\Users\Alexis\AppData\Roaming\VOPackage\VOPackage.exe (.not file.)
O4 - HKUS\S-1-5-21-921229589-2242423223-674013632-1001\..\Run: [WindApp] C:\Users\Alexis\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.)
O4 - HKUS\S-1-5-21-921229589-2242423223-674013632-1001\..\Run: [Selection Tools] C:\Users\Alexis\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.)
O10 - WLSP:\Catalog_Entries\000000000001\Winsock LSP File . (...) -- C:\Windows\System32\Ekiraky.dll (Not File)
O10 - WLSP:\Catalog_Entries\000000000002\Winsock LSP File . (...) -- C:\Windows\System32\Ekiraky.dll (Not File)
O10 - WLSP:\Catalog_Entries\000000000003\Winsock LSP File . (...) -- C:\Windows\System32\Ekiraky.dll (Not File)
O10 - WLSP:\Catalog_Entries\000000000004\Winsock LSP File . (...) -- C:\Windows\System32\Ekiraky.dll (Not File)
O10 - WLSP:\Catalog_Entries\000000000015\Winsock LSP File . (...) -- C:\Windows\System32\Ekiraky.dll (Not File)
O10 - WLSP:\Catalog_Entries64\000000000001\Winsock LSP File . (...) -- C:\Windows\system32\Ekiraky64.dll
O10 - WLSP:\Catalog_Entries64\000000000002\Winsock LSP File . (...) -- C:\Windows\system32\Ekiraky64.dll
O10 - WLSP:\Catalog_Entries64\000000000003\Winsock LSP File . (...) -- C:\Windows\system32\Ekiraky64.dll
O10 - WLSP:\Catalog_Entries64\000000000004\Winsock LSP File . (...) -- C:\Windows\system32\Ekiraky64.dll
O10 - WLSP:\Catalog_Entries64\000000000005\Winsock LSP File . (...) -- C:\Windows\system32\Ofuwday64.dll
O10 - WLSP:\Catalog_Entries64\000000000006\Winsock LSP File . (...) -- C:\Windows\system32\Ofuwday64.dll
O10 - WLSP:\Catalog_Entries64\000000000007\Winsock LSP File . (...) -- C:\Windows\system32\Ofuwday64.dll
O10 - WLSP:\Catalog_Entries64\000000000008\Winsock LSP File . (...) -- C:\Windows\system32\Ofuwday64.dll
O10 - WLSP:\Catalog_Entries64\000000000019\Winsock LSP File . (...) -- C:\Windows\system32\Ofuwday64.dll
O10 - WLSP:\Catalog_Entries64\000000000020\Winsock LSP File . (...) -- C:\Windows\system32\Ekiraky64.dll
O20 - AppInit_DLLs: . (...) - C:\ProgramData\Zitenop\Viajob.dll
O42 - Logiciel: GamesDesktop 001.005010169 - (.GAMESDESKTOP.) [HKLM][64Bits] -- gmsd_fr_005010169_is1
O42 - Logiciel: SafeFinder - (.Linkury.) [HKLM][64Bits] -- {D71F4C2F-F591-45C8-87D7-C1FD4DC4A7EC}
O42 - Logiciel: SVH - (...) [HKLM][64Bits] -- rec_en_77_is1
HKLM\SOFTWARE\Wow6432Node\AssistPoint
HKLM\SOFTWARE\Wow6432Node\downchecker
HKLM\SOFTWARE\Wow6432Node\Fast-Search
HKLM\SOFTWARE\Wow6432Node\FFPluginHp
HKLM\SOFTWARE\Wow6432Node\GAMESDESKTOP
HKLM\SOFTWARE\Wow6432Node\istartpageingSoftware
HKLM\SOFTWARE\Wow6432Node\LolliScan
HKLM\SOFTWARE\Wow6432Node\mtAirtop
HKLM\SOFTWARE\Wow6432Node\mtZitenop
HKLM\SOFTWARE\Wow6432Node\RichMediaViewV1
HKLM\SOFTWARE\Wow6432Node\RichMediaViewV1release399
HKLM\SOFTWARE\Wow6432Node\SensePlus-nv
HKLM\SOFTWARE\Wow6432Node\SensePlus-nv-ie
HKLM\SOFTWARE\Wow6432Node\SpaceSondPro
HKLM\SOFTWARE\Wow6432Node\SVH
HKLM\SOFTWARE\Wow6432Node\SwiftSearch_1.10.0.25
HKLM\SOFTWARE\Wow6432Node\TrustMediaViewerV1alpha1193
HKLM\SOFTWARE\Wow6432Node\Tutorials
HKLM\SOFTWARE\Wow6432Node\WNetEnhancer
HKLM\SOFTWARE\Wow6432Node\yoursearchingSoftware
HKCU\SOFTWARE\DailyPcClean
HKCU\SOFTWARE\iWebar-nv-ie
HKCU\SOFTWARE\Nosibay
HKCU\SOFTWARE\Store
HKCU\SOFTWARE\tstamptoken
HKCU\SOFTWARE\Tutorials
HKCU\SOFTWARE\TutoTag
HKCU\SOFTWARE\WNetEnhancer
HKCU\SOFTWARE\WTools
3 - CFD: 08/12/2015 - [] D -- C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009
3 - CFD: 07/12/2015 - [] D -- C:\Program Files (x86)\032B0290-1449484097-0559-0306-940700080009
3 - CFD: 23/03/2015 - [] D -- C:\Program Files (x86)\209fe72e-431d-43ba-948d-1274eef4bd7f
3 - CFD: 23/03/2015 - [] D -- C:\Program Files (x86)\6d2018b6-192d-498a-8d18-12afcb059256
3 - CFD: 18/11/2015 - [] D -- C:\Program Files (x86)\Assist Point
3 - CFD: 08/12/2015 - [] D -- C:\Program Files (x86)\Fast-Search
3 - CFD: 07/12/2015 - [] D -- C:\Program Files (x86)\gmsd_fr_005010169
3 - CFD: 07/12/2015 - [] D -- C:\Program Files (x86)\rec_en_77
3 - CFD: 08/12/2015 - [] D -- C:\Program Files (x86)\SFK
3 - CFD: 07/12/2015 - [] D -- C:\Program Files (x86)\WNetEnhancer
3 - CFD: 07/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
3 - CFD: 07/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WNetEnhancer
3 - CFD: 07/12/2015 - [] D -- C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
3 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Airtop
3 - CFD: 07/12/2015 - [] D -- C:\ProgramData\Airtops
3 - CFD: 07/12/2015 - [] D -- C:\ProgramData\ApplicationHosting
3 - CFD: 07/12/2015 - [] D -- C:\ProgramData\Service7609
3 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Zitenop
3 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Zitenops
3 - CFD: 08/12/2015 - [0] D -- C:\Users\Alexis\AppData\Roaming\istartpageing
3 - CFD: 08/12/2015 - [0] D -- C:\Users\Alexis\AppData\Roaming\Nosibay
3 - CFD: 08/12/2015 - [] D -- C:\Users\Alexis\AppData\Roaming\OpenCandy
3 - CFD: 08/12/2015 - [0] D -- C:\Users\Alexis\AppData\Roaming\Store
3 - CFD: 08/12/2015 - [0] D -- C:\Users\Alexis\AppData\Roaming\WTools
3 - CFD: 07/12/2015 - [0] D -- C:\Users\Alexis\AppData\Roaming\yoursearching
3 - CFD: 08/12/2015 - [] D -- C:\Users\Alexis\AppData\Local\gmsd_fr_005010169
3 - CFD: 07/12/2015 - [] D -- C:\Users\Alexis\AppData\Local\Installer
3 - CFD: 07/12/2015 - [] D -- C:\Users\Alexis\AppData\Local\rec_en_77
3 - CFD: 08/12/2015 - [] D -- C:\Users\Alexis\AppData\Local\SmartWeb
3 - CFD: 10/04/2014 - [] D -- C:\Users\Alexis\AppData\Local\Software
O45 - LFCP:[MD5.91F5519404E8885113099DEFC56BAC6F] 08/12/2015 A -- C:\Windows\Prefetch\62793.WINDAPP.MON001.NO.EXE-5D7E35F7.pf
O45 - LFCP:[MD5.8B05E5A4971FDDF3A6A5400F14AFF63A] 08/12/2015 A -- C:\Windows\Prefetch\BUBBLE DOCK BSETUP.EXE-29E55CE8.pf
O45 - LFCP:[MD5.6AF2E1DA57B1B6EA33EC5605ED054529] 08/12/2015 A -- C:\Windows\Prefetch\BUBBLE DOCK.EXE-C3A82C7A.pf
O45 - LFCP:[MD5.38DB5057F06C489999555EF8C692A5D9] 08/12/2015 A -- C:\Windows\Prefetch\LBUBBLE DOCK.EXE-2F791CAE.pf
O45 - LFCP:[MD5.0B3EAB6AEFC776BC375E5EF57AE00F7D] 08/12/2015 A -- C:\Windows\Prefetch\SEARCHMOREKNOWDESKTOPSEARCH.E-4D59CE71.pf
O45 - LFCP:[MD5.B735FBB9A79BCF9864E09FD22C68F79C] 08/12/2015 A -- C:\Windows\Prefetch\SELECTION TOOLS.EXE-E43D508D.pf
O45 - LFCP:[MD5.1E176CAD970806CAC2AB01F306410518] 08/12/2015 A -- C:\Windows\Prefetch\UPGMSD_FR_005010169.EXE-06E01730.pf
O58 - SDL:2015/12/07 19:36:36 A . (.Cherimoya Ltd - Cherimoya Ltd.) -- C:\Windows\System32\drivers\cherimoya.sys [61336] {1121B348573C1CA1DF257D517183A16A9C79}
O61 - LFC: 2015/12/07 18:40:34 A . (..) -- C:\Users\Alexis\AppData\Roaming\moses.exe [291648]
O61 - LFC: 2015/12/08 19:19:35 A . (..) -- C:\Users\Alexis\AppData\Roaming\OpenCandy\34B2AA63A5384F389CDE46C223899B62\setup.exe [291648] {785165B82B596AA4788FFE2543F5E3A3}
O61 - LFC: 2015/12/07 19:36:12 A . (.SoftBrain Technologies Ltd..) -- C:\Users\Alexis\AppData\Local\SmartWeb\__u.exe [291648]
O61 - LFC: 2015/12/07 11:38:16 A . (.Copyright (C) 2014.) -- C:\Users\Alexis\AppData\Local\Installer\Install_26144\YTDownloader.exe [291648]
O61 - LFC: 2015/12/07 13:05:38 A . (..) -- C:\Users\Alexis\AppData\Local\gmsd_fr_005010169\upgmsd_fr_005010169.exe [291648] {1121659F89D645B84A6361DBAB1CE36D6315}
O61 - LFC: 2015/12/08 20:19:48 A . (..) -- C:\Users\Alexis\AppData\Local\gmsd_fr_005010169\Download\myoffergroup_fr.exe [291648]
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Alexis\AppData\Local\BoBrowser\Application\bobrowser.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.8pecxstudios - Cyberfox.) -- D:\Program Files (x86)\Cyberfox\Cyberfox.exe http://www.piesearch.com/
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.piesearch.com/
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.piesearch.com/
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.ex http://www.yoursearching.com/
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\Alexis\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\Alexis\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\Alexis\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.)
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("browser.search.defaultenginename", "webssearches");
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("browser.search.searchengine.ptid", "cmi");
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("browser.search.searchengine.uid", "WDCXWD3200AAJS-00B4A0_WD-WMAT1032030320303");
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("browser.search.selectedEngine", "webssearches");
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("browser.startup.homepage", "C:\\ProgramData\\Zitenops\\ff.HP");
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("extensions.enabledAddons", "yahooprotected%40gmail.com:1.0.1.1042,deskCutv2%40gmail.com:0.1.12,%7B972ce4c6-7e08-4474-a2[...]
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("extensions.quick_start.enable_search1", false);
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("extensions.xpiState", "{\"app-profile\":{\"deskCutv2@gmail.com\":{\"d\":\"C:\\\\Users\\\\Alexis\\\\AppData\\\\Roaming\\[...]
O69 - SBI: prefs.js [Alexis - 8i3qsk17.default] user_pref("keyword.URL", "http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQsNBwlCRAUSbQAIUgFcFQYXcBQAVlwQDAZAIwAAAg1JR[...]
O69 - SBI: SearchScopes [HKCU] {B37A3067-8B54-4980-88AA-C660C8CCE4E8} [DefaultScope] - (Default) - http://searchinterneat-a.akamaihd.net/
O69 - SBI: SearchScopes [HKCU] {ielnksrch} - (Search the web) - http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_ByKo5GOPu13rXw155J4OB8oo3_nrI_YPbYytCFQMvqrv5QNdU0j2sjSZdooisThXcRcgUYaWyOaN5DqDcBztEVk9yo_oPLzoVXEITJg-jALxK8Sgq8x5MlsDgTSRv4sWri8h3dyAuTNqLEoIvqh8EJS0eB78f&q={searchTerms}
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snapdo.com/
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snapdo.com/
SR - Auto [07/12/2015] [ 291648] Airtop (Airtop) . (...) - C:\ProgramData\Airtop\Airtop.exe
SR - Auto [07/12/2015] [ 291648] ApplicationHosting (ApplicationHosting) . (...) - C:\ProgramData\ApplicationHosting\ApplicationHosting.exe
SR - Auto [12/11/2015] [ 291648] Dripkix Service (Dripkix) . (.Copyright © 2015.) - C:\Program Files\Dripkix\Dripkix.exe
SR - Auto [08/12/2015] [ 291648] Rename Outline (gufutoqu) . (...) - C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\knsjC532.tmp
SR - Auto [07/12/2015] [ 291648] Add Telephone Line (nyneryxo) . (...) - C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\hnsg5CE7.tmp
SR - Auto [07/12/2015] [ 291648] Free Up Joystick (roqenufe) . (...) - C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\jnsb480E.tmp
SR - Auto [07/12/2015] [ 291648] SSFK (SSFK) . (.TODO: .) - C:\Program Files (x86)\SFK\SSFK.exe {1121D343CEADB8041BAC48B044906C5E105E}
SR - Auto [07/12/2015] [ 291648] WindowsMangerProtect Service (WindowsMangerProtect) . (.Sysinternals process Explorer.) - C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe {11215BD52CE822E39F61AAE0642B2F566ABD}
SR - Auto [04/12/2015] [ 291648] WNetEnhancer Service (WNetEnhancer Service) . (...) - C:\Program Files (x86)\WNetEnhancer\WNetEnhancer Internet Enhancer\663d2e82e7a5dc32e243ab08ac2ec4a6.exe
SR - Auto [08/12/2015] [ 291648] Zitenop (Zitenop) . (...) - C:\ProgramData\Zitenop\Zitenop.exe
HKLM\SOFTWARE\Microsoft\Tracing\Dripkix_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\Dripkix_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Airtop_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Airtop_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApplicationHosting_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ApplicationHosting_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Uninstall_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Uninstall_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OneSystemCare_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OneSystemCare_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Selection Tools Uninstall_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Selection Tools Uninstall_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Selection Tools_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Selection Tools_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpaceSoundPro_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpaceSoundPro_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upgmsd_fr_005010169_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upgmsd_fr_005010169_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upospd_us_013010168_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upospd_us_013010168_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Zitenop_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Zitenop_RASMANCS
HKLM\SYSTEM\CurrentControlSet\Services\Airtop
C:\ProgramData\Airtop\Airtop.exe
HKLM\SYSTEM\CurrentControlSet\Services\ApplicationHosting
C:\ProgramData\ApplicationHosting\ApplicationHosting.exe
HKLM\SYSTEM\CurrentControlSet\Services\Dripkix
C:\Program Files\Dripkix\Dripkix.exe
HKLM\SYSTEM\CurrentControlSet\Services\gufutoqu
C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\knsjC532.tmp
HKLM\SYSTEM\CurrentControlSet\Services\nyneryxo
C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\hnsg5CE7.tmp
HKLM\SYSTEM\CurrentControlSet\Services\roqenufe
C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009\jnsb480E.tmp
HKLM\SYSTEM\CurrentControlSet\Services\SSFK
C:\Program Files (x86)\SFK\SSFK.exe
HKLM\SOFTWARE\AssistPoint
HKLM\SYSTEM\CurrentControlSet\Services\Update Mgr AssistPoint
HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect
C:\ProgramData\Tmp0x0x\ProtectWindowsManager.exe
HKLM\SYSTEM\CurrentControlSet\Services\WNetEnhancer Service
C:\Program Files (x86)\WNetEnhancer\WNetEnhancer Internet Enhancer\663d2e82e7a5dc32e243ab08ac2ec4a6.exe
HKLM\SYSTEM\CurrentControlSet\Services\Zitenop
C:\ProgramData\Zitenop\Zitenop.exe
C:\Program Files (x86)\Fast-Search\kol3015.exe
C:\ProgramData\Service7609
C:\ProgramData\Service7609\Service7609.exe
C:\Windows\Tasks\VKCAGRPJFKDHGGAN.job
C:\Windows\System32\Tasks\kol3015
C:\Windows\System32\Tasks\Urecceqm
C:\Windows\System32\Tasks\VKCAGRPJFKDHGGAN
C:\Users\Alexis\AppData\Local\gmsd_fr_005010169\upgmsd_fr_005010169.exe
C:\Program Files (x86)\rec_en_77\rec_en_77.exe
C:\Program Files (x86)\gmsd_fr_005010169\gmsd_fr_005010169.exe
C:\Program Files (x86)\WNetEnhancer\WNetEnhancer Internet Enhancer\7e0e6c165467f226fa2a8f9d6445d9af.exe
C:\Program Files\Dripkix\packages\76b17136-be0a-4a59-8a8b-6dca3c97cc4d\Drip.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhdcbgmkmfapmaccefgcigficdnphjbn
C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\searchplugins\findit.xml
C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\searchplugins\istartpageing.xml
C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\searchplugins\search-simple.xml
C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\searchplugins\yahoo.xml
C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\8i3qsk17.default\extensions\deskCutv2@gmail.com
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311541197}
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411891122}
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30c23909-a0f6-4e68-a6f7-919ff3cfac34}
C:\Windows\system32\Ekiraky64.dll
C:\Windows\system32\Ofuwday64.dll
C:\ProgramData\Zitenop\Viajob.dll
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_005010169_is1
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\rec_en_77_is1
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D71F4C2F-F591-45C8-87D7-C1FD4DC4A7EC}
C:\Program Files (x86)\032B0290-1449484090-0559-0306-940700080009
C:\Program Files (x86)\032B0290-1449484097-0559-0306-940700080009
C:\Program Files (x86)\209fe72e-431d-43ba-948d-1274eef4bd7f
C:\Program Files (x86)\6d2018b6-192d-498a-8d18-12afcb059256
C:\Program Files (x86)\Assist Point
C:\Program Files (x86)\Fast-Search
C:\Program Files (x86)\gmsd_fr_005010169
C:\Program Files (x86)\rec_en_77
C:\Program Files (x86)\SFK
C:\Program Files (x86)\WNetEnhancer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WNetEnhancer
C:\ProgramData\Airtop
C:\ProgramData\Airtops
C:\ProgramData\ApplicationHosting
C:\ProgramData\Zitenop
C:\ProgramData\Zitenops
C:\Users\Alexis\AppData\Roaming\istartpageing
C:\Users\Alexis\AppData\Roaming\Nosibay
C:\Users\Alexis\AppData\Roaming\OpenCandy
C:\Users\Alexis\AppData\Roaming\Store
C:\Users\Alexis\AppData\Roaming\yoursearching
C:\Users\Alexis\AppData\Local\gmsd_fr_005010169
C:\Users\Alexis\AppData\Local\Installer
C:\Users\Alexis\AppData\Local\rec_en_77
C:\Users\Alexis\AppData\Local\SmartWeb
C:\Users\Alexis\AppData\Local\Software
C:\Windows\Prefetch\62793.WINDAPP.MON001.NO.EXE-5D7E35F7.pf
C:\Windows\Prefetch\BUBBLE DOCK BSETUP.EXE-29E55CE8.pf
C:\Windows\Prefetch\BUBBLE DOCK.EXE-C3A82C7A.pf
C:\Windows\Prefetch\LBUBBLE DOCK.EXE-2F791CAE.pf
C:\Windows\Prefetch\SEARCHMOREKNOWDESKTOPSEARCH.E-4D59CE71.pf
C:\Windows\Prefetch\SELECTION TOOLS.EXE-E43D508D.pf
C:\Windows\Prefetch\UPGMSD_FR_005010169.EXE-06E01730.pf
C:\Windows\System32\drivers\cherimoya.sys
C:\Users\Alexis\AppData\Roaming\OpenCandy\34B2AA63A5384F389CDE46C223899B62\setup.exe
C:\Users\Alexis\AppData\Local\SmartWeb\__u.exe
C:\Users\Alexis\AppData\Local\Installer\Install_26144\YTDownloader.exe
C:\Users\Alexis\AppData\Local\gmsd_fr_005010169\Download\myoffergroup_fr.exe
HKLM64\SOFTWARE\Microsoft\Tracing\Dripkix_RASAPI32
HKLM64\SOFTWARE\Microsoft\Tracing\Dripkix_RASMANCS
