cjoint


Document format: text/plain

Preview

start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKU\S-1-5-21-453311672-2777936180-2027923614-1000\...\Run: [BingSvc] => C:\Users\mahmoud\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-15] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-453311672-2777936180-2027923614-1000\...\Run: [Updates] => D:\Updates.exe
HKU\S-1-5-21-453311672-2777936180-2027923614-1000\...\MountPoints2: I - I:\AutoRun.exe
HKU\S-1-5-21-453311672-2777936180-2027923614-1000\...\MountPoints2: {23c08915-3536-11e4-bb99-00241db3bfdf} - I:\AutoRun.exe
HKU\S-1-5-21-453311672-2777936180-2027923614-1000\...\MountPoints2: {23c08924-3536-11e4-bb99-00241db3bfdf} - H:\AutoRun.exe
HKU\S-1-5-21-453311672-2777936180-2027923614-1000\...\MountPoints2: {67b6eed7-3538-11e4-8044-00241db3bfdf} - I:\AutoRun.exe
ShortcutTarget: rvlkl.lnk -> C:\ProgramData\rvlkl\rvlkl.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1450136508&z=2c43d69df6395b8390052cfgdz2wee5g1cfq3wce6m&from=wpm07173&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2390860108601
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1421685398&from=exp&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2390860108601&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1450136508&z=2c43d69df6395b8390052cfgdz2wee5g1cfq3wce6m&from=wpm07173&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2390860108601
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421685398&from=exp&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2390860108601&q={searchTerms}
SearchScopes: HKU\S-1-5-21-453311672-2777936180-2027923614-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\XTab\SupTab.dll => No File
Toolbar: HKU\S-1-5-21-453311672-2777936180-2027923614-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1421685398&from=exp&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2390860108601
FF Extension: No Name - C:\Users\mahmoud\AppData\Roaming\Mozilla\Firefox\Profiles\itc732kg.default\extensions\fftoolbar2014@etech.com [not found]
FF Extension: No Name - C:\Users\mahmoud\AppData\Roaming\Mozilla\Firefox\Profiles\itc732kg.default\extensions\63zEXSF@gmail.com [not found]
FF Extension: No Name - C:\Users\mahmoud\AppData\Roaming\Mozilla\Firefox\Profiles\itc732kg.default\extensions\sweetsearch@gmail.com [not found]
FF Extension: No Name - C:\Users\mahmoud\AppData\Roaming\Mozilla\Firefox\Profiles\itc732kg.default\extensions\default_newtabff@gmail.com [not found]
FF Extension: No Name - C:\Users\mahmoud\AppData\Roaming\Mozilla\Firefox\Profiles\itc732kg.default\extensions\deskCutv2@gmail.com [not found]
FF Extension: No Name - C:\Users\mahmoud\AppData\Roaming\Mozilla\Firefox\Profiles\itc732kg.default\extensions\defsearchp@gmail.com.xpi [not found]
FF Extension: No Name - C:\Users\mahmoud\AppData\Roaming\Mozilla\Firefox\Profiles\itc732kg.default\extensions\yahooprotected@gmail.com.xpi [not found]
FF HKU\S-1-5-21-453311672-2777936180-2027923614-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1451377036&z=d97620abd9f27ef7e67891egbz2w1g4c3m5mae2c4c&from=wpm12253&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2390860108601
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION
CHR HomePage: Profile 2 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=ar-xl
S2 IhPul; C:\Users\mahmoud\AppData\Roaming\TSv\TSvr.exe [X]
S2 PicexaService; C:\Program Files\Picexa\PicexaSvc.exe [X]
S2 qkseeService; C:\Program Files\qksee\qkseeSvc.exe [X]
S2 SSFK; C:\Program Files\SFK\SSFK.exe -s [X]
S2 TheDesktopWeatherService; C:\Program Files\WeatherTool\2.0.0.10766\WeatherService.exe [X]
S2 WdMan; C:\ProgramData\8WdM8\WdMan.exe -svr [X]
S2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [X] <==== ATTENTION
S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 {0875768f-f9b5-4c33-8b02-554d5f71df0e}Gw; system32\drivers\{0875768f-f9b5-4c33-8b02-554d5f71df0e}Gw.sys [X]
S1 {120f96fd-0a02-4c35-845f-341894b68ecf}Gw; system32\drivers\{120f96fd-0a02-4c35-845f-341894b68ecf}Gw.sys [X]
S1 {1f7001b5-3138-49aa-af1b-2761ce2486a5}Gw; system32\drivers\{1f7001b5-3138-49aa-af1b-2761ce2486a5}Gw.sys [X]
S1 {264f3789-d47b-45fa-80bd-480362380c79}Gw; system32\drivers\{264f3789-d47b-45fa-80bd-480362380c79}Gw.sys [X]
S1 {2c1d8860-89c9-450e-a117-95f496764507}Gw; system32\drivers\{2c1d8860-89c9-450e-a117-95f496764507}Gw.sys [X]
S1 {2de8e01e-b955-44a2-aa24-6714414217a1}Gw; system32\drivers\{2de8e01e-b955-44a2-aa24-6714414217a1}Gw.sys [X]
S1 {326e0409-6d74-43cf-a555-02a7d66ba8fc}Gw; system32\drivers\{326e0409-6d74-43cf-a555-02a7d66ba8fc}Gw.sys [X]
S1 {3a20d1a9-f3e1-47c3-8b8a-a80b8cb188d2}Gw; system32\drivers\{3a20d1a9-f3e1-47c3-8b8a-a80b8cb188d2}Gw.sys [X]
S1 {44f7b789-949a-4637-a1d7-794a4f2351a7}Gw; system32\drivers\{44f7b789-949a-4637-a1d7-794a4f2351a7}Gw.sys [X]
S1 {4dcee693-8029-40a0-baf9-b51173f024d8}Gw; system32\drivers\{4dcee693-8029-40a0-baf9-b51173f024d8}Gw.sys [X]
S1 {5ed000ad-96de-48d3-9cd7-f28c05fefd32}Gw; system32\drivers\{5ed000ad-96de-48d3-9cd7-f28c05fefd32}Gw.sys [X]
S1 {67561ace-c443-4c39-9e16-07f6354b97f2}Gw; system32\drivers\{67561ace-c443-4c39-9e16-07f6354b97f2}Gw.sys [X]
S1 {6e48ad4f-fdba-432d-909e-4ad154ef30a0}Gw; system32\drivers\{6e48ad4f-fdba-432d-909e-4ad154ef30a0}Gw.sys [X]
S1 {6e48ad4f-fdba-432d-909e-4ad154ef30a0}w; system32\drivers\{6e48ad4f-fdba-432d-909e-4ad154ef30a0}w.sys [X]
S1 {95eb2602-1542-41ad-a119-ac67b3286fc6}Gw; system32\drivers\{95eb2602-1542-41ad-a119-ac67b3286fc6}Gw.sys [X]
S1 {aba4e778-dd25-4faa-b02e-0b39ca3812a0}Gw; system32\drivers\{aba4e778-dd25-4faa-b02e-0b39ca3812a0}Gw.sys [X]
S1 {bdc6addf-3c72-484a-a614-9e470f5bfb74}Gw; system32\drivers\{bdc6addf-3c72-484a-a614-9e470f5bfb74}Gw.sys [X]
S1 {cd4fba44-294f-4286-a789-c92e74ff113b}Gw; system32\drivers\{cd4fba44-294f-4286-a789-c92e74ff113b}Gw.sys [X]
S1 {e24cda45-ac0f-47ba-91e6-e65fc71adfd8}Gw; system32\drivers\{e24cda45-ac0f-47ba-91e6-e65fc71adfd8}Gw.sys [X]
S1 {e3d211dc-a320-41e3-882f-8a4778b6e0d1}Gw; system32\drivers\{e3d211dc-a320-41e3-882f-8a4778b6e0d1}Gw.sys [X]
qksee (HKLM\...\qksee) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== ATTENTION
RelevantKnowledge (HKLM\...\{d08d9f98-1c78-4704-87e6-368b0023d831}) (Version: 1.3.336.320 - TMRG, Inc.) <==== ATTENTION
The Desktop Weather 2.0 (HKLM\...\WeatherTool) (Version: 2.0.0.10766 - ShenZhen Enode Techology co,.Ltd) <==== ATTENTION
WinRAR 5.00 ÈíÊÇ 3 (32-ÈÊ) (HKLM\...\WinRAR archiver) (Version: 5.00.3 - win.rar GmbH)
WinZip (HKLM\...\WinZip) (Version: 2.0.37 - Winzipper Pvt Ltd.) <==== ATTENTION
YTD Video Downloader 4.8.9 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== ATTENTION
Task: {90048EFA-08B2-4B81-9647-FC0FE4A7F1DC} - \LuckyTab -> No File <==== ATTENTION
Task: {98C2B806-EEB2-49E4-9EB4-02C683528D4E} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\rvlkl\rvlkl.exe <==== ATTENTION
Task: {B53CB684-33A5-4D30-90CD-D1801630419A} - System32\Tasks\{02D53113-6D00-4F5E-8DB4-4A917A6AC613} => pcalua.exe -a C:\Users\mahmoud\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=exp <==== ATTENTION
Task: {CA06A29F-F22B-4B9F-AD64-8897114A9998} - System32\Tasks\disco_games_notification_service => C:\Program Files\disco games\disco_games_notification_service.exe <==== ATTENTION
Task: {D9BE1EE6-E01A-4280-B01E-B741A710D41D} - \disco_games_updating_service -> No File <==== ATTENTION
Task: {EBE36CA8-33E3-4A05-870F-75BB93D0FF00} - System32\Tasks\DoctorPC_Start => C:\Program Files\Doctor PC\DoctorPC.exe <==== ATTENTION
Task: {FAA9D4BA-7161-4D51-96A0-EE789E518123} - System32\Tasks\DoctorPC_Popup => C:\Program Files\Doctor PC\Splash.exe <==== ATTENTION
Task: C:\Windows\Tasks\3SKxv5aWBq7xh8LMsvmk.job => C:\Windows\system32\config\systemprofile\AppData\Roaming\3SKxv5aWBq7xh8LMsvmk.exe <==== ATTENTION
Task: C:\Windows\Tasks\Chrome Cleanup Tool logs upload retry.job => C:\Users\mahmoud\AppData\Local\Temp\A4D7.exe <==== ATTENTION
Task: C:\Windows\Tasks\GOptsuOBPCZnzbYOWc.job => C:\Windows\system32\config\systemprofile\AppData\Roaming\GOptsuOBPCZnzbYOWc.exe <==== ATTENTION
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{E7BC9481-474A-4DDC-B6AA-F0106B660926}\SupportTasks\0\Support.lnk -> hxxp://support.microsoft.com/support/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{CAB31127-0B29-4100-A936-C6A16D47E31F}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.rockstargames.com/vicecity/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{68F02EEC-A0B1-427E-82EE-49D27F5B73F3}\SupportTasks\1\Support.lnk -> hxxp://techsupport.ea.com/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{68F02EEC-A0B1-427E-82EE-49D27F5B73F3}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.needforspeed.com/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{508A4CDB-3809-418E-8278-98DC515C37EF}\SupportTasks\1\Support.lnk -> hxxp://support.ea.com/ (No File)
Shortcut: C:\Users\mahmoud\AppData\Local\Microsoft\Windows\GameExplorer\{508A4CDB-3809-418E-8278-98DC515C37EF}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.fifa07.ea.com/ (No File)

CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
