cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

start
CreateRestorePoint:
CloseProcesses:
Task: {452B9991-F552-4A66-A27C-EA33D482B4B1} - System32\Tasks\Microsoft\Windows\Media Center\VideoFetcher => C:\ProgramData\VideoFetcher\VideoFetcher.exe [2016-03-24] () <==== ATTENTION
GroupPolicy: Restriction - Chrome <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.98.11]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.99.11]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L&q={searchTerms} [Pays US - 104.25.98.11]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L&q={searchTerms} [Pays US - 104.25.99.11]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.98.11]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.99.11]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L&q={searchTerms} [Pays US - 104.25.98.11]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L&q={searchTerms} [Pays US - 104.25.99.11]
HKU\S-1-5-21-996057615-3095967527-2824754249-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.98.11]
HKU\S-1-5-21-996057615-3095967527-2824754249-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.99.11]
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L&q={searchTerms} [Pays US - 104.25.98.11]
SearchScopes: HKLM -> {A89F8E88-8BCE-43F1-8B88-F1D65B27EB5B} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} [Pays NL - 176.32.108.178]
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L&q={searchTerms} [Pays US - 104.25.99.11]
SearchScopes: HKLM-x32 -> {A89F8E88-8BCE-43F1-8B88-F1D65B27EB5B} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} [Pays NL - 176.32.108.178]
SearchScopes: HKU\S-1-5-21-996057615-3095967527-2824754249-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L&q={searchTerms} [Pays US - 104.25.98.11]
SearchScopes: HKU\S-1-5-21-996057615-3095967527-2824754249-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L&q={searchTerms} [Pays US - 104.25.99.11]


Edge HomeButtonPage: HKU\S-1-5-21-996057615-3095967527-2824754249-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.98.11]
StartMenuInternet: FIREFOX.EXE - c:\program files (x86)\mozilla firefox\firefox.exe hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.99.11]
2016-06-07 08:41 - 2016-06-07 08:41 - 00000631 _____ C:\nuesearch.xml
ShortcutWithArgument: C:\Users\rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.99.11]
ShortcutWithArgument: C:\Users\rachid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.98.11]
ShortcutWithArgument: C:\Users\rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.99.11]
ShortcutWithArgument: C:\Users\rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.98.11]
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone 1 Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.99.11]
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.98.11]
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.99.11]
ShortcutWithArgument: C:\Users\Public\Desktop\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.98.11]
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1465281677&z=3bd4d6ab368376d7479b931g4z1q1w7oeb6g9q9m1m&from=wpm0607&uid=ST1000DM003-1CH162_Z1D3MB9L [Pays US - 104.25.99.11]
2016-06-07 19:02 - 2016-06-07 19:02 - 00000000 ____D C:\Users\rachid\AppData\Roaming\Enigma Software Group
2016-06-01 08:38 - 2016-06-01 08:38 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
Hosts:
EmptyTemp:
end

Publicité


Signaler le contenu de ce document

Publicité