cjoint

Document format: text/plain

Preview

start
RemoveProxy:

HKU\S-1-5-21-1870027983-4264097883-3264919129-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1870027983-4264097883-3264919129-1000\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-1870027983-4264097883-3264919129-1000\...\Policies\Explorer: [NoSearchFilesInStartMenu] 0
HKU\S-1-5-21-1870027983-4264097883-3264919129-1000\...\Policies\Explorer: [NoSearchProgramsInStartMenu] 0
AppInit_DLLs: C:\PROGRA~2\KeyCryptSDK\KeyCrypt64(1).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94664 2014-12-30] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KeyCryptSDK\KeyCrypt32(1).dll => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86400 2014-12-30] (Zemana Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1870027983-4264097883-3264919129-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
S2 gupdate1d07c27b3c11b6; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-21] (Google Inc.)
S3 gupdatem1d07c27bae3622; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-21] (Google Inc.)
R1 AntiLog32; C:\windows\system32\drivers\AntiLog64.sys [49752 2015-01-07] (Zemana Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 ERSvc; no ImagePath
U2 IAStorDataMgrsvc; no ImagePath
U2 NIHardwareService; no ImagePath
U2 NVSvc; no ImagePath
U2 Parvdm; no ImagePath
U2 srService; no ImagePath
C:\Windows\SysWOW64\runouce.exe <======= ATTENTION
C:\Windows\SysWOW64\wmicuclt.exe <======= ATTENTION
AntiLogger (x32 Version: 1.9.3.602 - Zemana Ltd.) Hidden

KeyCrypt SDK version 1.8.1.199 (HKLM-x32\...\{5575EADE-4685-4E15-A9CD-6036BC2A3F75}_is1) (Version: 1.8.1.199 - Zemana Ltd.)
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com <======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\125sms.co.uk -> www.125sms.co.uk<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\125sms.com -> www.125sms.com<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\12w.net -> download-video.12w.net<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\132.com -> www.132.com<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\1337-crew.to -> www.1337-crew.to<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\1337crew.info -> www.1337crew.info<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\136136.net -> down.136136.net<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\150freesms.de -> www.150freesms.de<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\163ns.com -> ert0003.e76.163ns.com<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\17-plus.com -> 17-plus.com<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\171203.com -> 171203.com<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\17concepts.info -> www.17concepts.info<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\1800searchonline.com -> www.1800searchonline.com<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\180searchassistant.com -> www.180searchassistant.com<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\180solutions.com -> bis.180solutions.com<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\1987324.com -> www.1987324.com<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\1gb.ru -> people.1gb.ru<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\1ghporn.info -> www.1ghporn.info<======= ATTENTION
IE restricted site: HKU\.DEFAULT\...\1importantiamreal.com -> www.1importantiamreal.com<======= ATTENTION

EmptyTemp:
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
end
