cjoint


Document format: text/plain

Preview

start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Boxore Client] => C:\Program Files (x86)\Boxore\Boxore Client\boxore.exe [1551872 2015-03-20] (Boxore OU)
CHR HKU\S-1-5-21-67368778-3054950882-2857564751-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-67368778-3054950882-2857564751-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-67368778-3054950882-2857564751-1001\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=77302&st=home&tid=18195&ver=6.4&ts=1403548245556&tguid=77302-18195-1403548245556-D67D6675BB449E825EEAB984FAA2D7D0
SearchScopes: HKLM -> DefaultScope la valeur est absente
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_07_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtDyDzytCzztCtB0E0AyEtN0D0Tzu0StCyDtCtBtN1L2XzutAtFtCyBtFzytFtCtN1L1Czu1M1Q1CtBtBtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StDyCyB0EtDtA0ByDtGtCtA0AzztGtBtAyCyBtGtAyDyCtCtG0EyDtC0BtD0D0E0B0Ezyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtDzy0AtBtD0E0BtG0CzzzztBtGyEyB0DtCtG0B0BtAyBtGyBtDtAtByDyBzyzy0DtA0EtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEyBtB%26cr%3D230091025%26a%3Dhdr_s_16_07_orgnl%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKLM -> {522B6E20-CB79-4707-9A5A-8010A6FFBED2} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_24_ch&cd=2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtDyDzytCzztCtB0E0AyEtN0D0Tzu0SzzzyyDtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StCtD0A0F0AyCyBtBtGyCtC0BtBtG0F0DtCyBtGyCyEyByEtGyE0AyBtA0F0BtCtDyEyEzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0F0A0BzytC0D0AtG0CtD0DyDtGtAzzyDtBtGzy0Fzy0AtGtAtAtB0BtC0DtAtCyCtD0EtC2Q&cr=137271662&ir=
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {2de06457-88b8-4989-9288-5fe9c2584ab8} URL = hxxps://www.wolframalpha.com/input/?i={searchTerms}&trackid=sp-005
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=77302&st=bs&tid=18195&ver=6.4&ts=1403548245556&tguid=77302-18195-1403548245556-D67D6675BB449E825EEAB984FAA2D7D0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=hdr_s_15_36_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtDyDzytCzztCtB0E0AyEtN0D0Tzu0StCtAtAzztN1L2XzutAtFtCtBtFyDtFyBtN1L1Czu1M1Q1CtCtCtN1L1G1B1V1N2Y1L1Qzu2S0CyEtDtD0B0C0BtAtGyByE0FtAtGyEyBzytCtG0ByB0CyEtGtD0D0C0F0EtAtA0B0F0A0FyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtDzy0AtBtD0E0BtG0CzzzztBtGyEyB0DtCtG0B0BtAyBtGyBtDtAtByDyBzyzy0DtA0EtA2QtN0A0LzuyE%26cr%3D2074743978%26a%3Dhdr_s_15_36_orgnl%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_07_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtDyDzytCzztCtB0E0AyEtN0D0Tzu0StCyDtCtBtN1L2XzutAtFtCyBtFzytFtCtN1L1Czu1M1Q1CtBtBtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StDyCyB0EtDtA0ByDtGtCtA0AzztGtBtAyCyBtGtAyDyCtCtG0EyDtC0BtD0D0E0B0Ezyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtDzy0AtBtD0E0BtG0CzzzztBtGyEyB0DtCtG0B0BtAyBtGyBtDtAtByDyBzyzy0DtA0EtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEyBtB%26cr%3D230091025%26a%3Dhdr_s_16_07_orgnl%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> {2de06457-88b8-4989-9288-5fe9c2584ab8} URL = hxxps://www.wolframalpha.com/input/?i={searchTerms}&trackid=sp-005
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_4&ent=ch_5127&q={searchTerms}
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_cmi_14_43_ch&cd=2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtDyDzytCzztCtB0E0AyEtN0D0Tzu0StCtDtAtDtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAyE0Bzz0A0ByByDtGzz0FyD0FtG0FtDyCyEtG0ByDtByEtGyE0Azz0D0B0EtB0AzzyE0A0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtAtCtDtCyDzz0BtG0DtD0E0FtGyEtA0AtAtGzzyE0ByBtGtC0Czzzz0D0D0CyCzzyE0A0C2Q&cr=1784868693&ir=
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_tele_14_37_ch&cd=2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtDyDzytCzztCtB0E0AyEtN0D0Tzu0SzyzzzztN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAtAzztAtAyC0FtDtG0DtB0DyBtGzy0A0F0DtGzztCzztDtGtBtB0D0CtC0E0A0EtAyBtB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtAtCtDtCyDzz0BtG0DtD0E0FtGyEtA0AtAtGzzyE0ByBtGtC0Czzzz0D0D0CyCzzyE0A0C2Q&cr=92629545&ir=
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=77302&st=bs&tid=18195&ver=6.4&ts=1403548245556&tguid=77302-18195-1403548245556-D67D6675BB449E825EEAB984FAA2D7D0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=hdr_s_15_36_orgnl&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtDyDzytCzztCtB0E0AyEtN0D0Tzu0StCtAtAzztN1L2XzutAtFtCtBtFyDtFyBtN1L1Czu1M1Q1CtCtCtN1L1G1B1V1N2Y1L1Qzu2S0CyEtDtD0B0C0BtAtGyByE0FtAtGyEyBzytCtG0ByB0CyEtGtD0D0C0F0EtAtA0B0F0A0FyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtDzy0AtBtD0E0BtG0CzzzztBtGyEyB0DtCtG0B0BtAyBtGyBtDtAtByDyBzyzy0DtA0EtA2QtN0A0LzuyE%26cr%3D2074743978%26a%3Dhdr_s_15_36_orgnl%26os%3DWindows%2B8.1&p={searchTerms}
BHO-x32: Pas de nom -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> Pas de fichier
BHO-x32: Pas de nom -> {EFA7A511-B491-4312-BB35-4586B99E45ED} -> Pas de fichier
Toolbar: HKU\S-1-5-21-67368778-3054950882-2857564751-1001 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
CHR HomePage: Default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_07_orgnl&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtDyDzytCzztCtB0E0AyEtN0D0Tzu0StCyDtCtBtN1L2XzutAtFtCyBtFzytFtCtN1L1Czu1M1Q1CtBtBtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StDyCyB0EtDtA0ByDtGtCtA0AzztGtBtAyCyBtGtAyDyCtCtG0EyDtC0BtD0D0E0B0Ezyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtDzy0AtBtD0E0BtG0CzzzztBtGyEyB0DtCtG0B0BtAyBtGyBtDtAtByDyBzyzy0DtA0EtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEyBtB%26cr%3D230091025%26a%3Dhdr_s_16_07_orgnl%26os_ver%3D6.3%26os%3DWindows%2B8.1
CHR StartupUrls: Default -> "hxxps://fr.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_07_orgnl&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyB0CtDyDtDyBtDyDzytCzztCtB0E0AyEtN0D0Tzu0StCyDtCtBtN1L2XzutAtFtCyBtFzytFtCtN1L1Czu1M1Q1CtBtBtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StDyCyB0EtDtA0ByDtGtCtA0AzztGtBtAyCyBtGtAyDyCtCtG0EyDtC0BtD0D0E0B0Ezyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtDzy0AtBtD0E0BtG0CzzzztBtGyEyB0DtCtG0B0BtAyBtGyBtDtAtByDyBzyzy0DtA0EtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEyBtB%26cr%3D230091025%26a%3Dhdr_s_16_07_orgnl%26os_ver%3D6.3%26os%3DWindows%2B8.1","hxxp://www.google.fr/"
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-18] (Just Develop It) <==== ATTENTION
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
S3 NdisVirtualBus; \SystemRoot\System32\drivers\NdisVirtualBus.sys [X]
S3 NdisWan; \SystemRoot\system32\DRIVERS\ndiswan.sys [X]
S3 NdisWanLegacy; \SystemRoot\system32\DRIVERS\ndiswan.sys [X]
2016-05-27 21:48 - 2014-10-26 19:48 - 00000310 _____ C:\WINDOWS\Tasks\WSE_Astromenda.job
C:\WINDOWS\Tasks\WSE_Astromenda.job
Boxore Client (HKLM-x32\...\{47BA91BB-CD0D-4208-BF6E-B8EF32BD5D54}) (Version: 5.8.0.0 - Boxore OU) <==== ATTENTION
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
Task: {482821C8-8D8B-4251-8125-7742EA3227CB} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-09-18] (MyPCBackup.com) <==== ATTENTION
Task: {48318F0E-3C14-4CB4-9098-C382B09A1996} - System32\Tasks\WSE_Astromenda => C:\Users\toshiba\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-10-26] () <==== ATTENTION
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - \Microsoft\Windows\Work Folders\Work Folders Logon Synchronization -> Pas de fichier <==== ATTENTION
Task: C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineCore.job => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job => C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe <==== ATTENTION
2014-09-18 16:15 - 2014-09-18 16:15 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-03-14 16:00 - 2014-03-14 16:00 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
HKLM\...\StartupApproved\Run32: => "Boxore Client"


EmptyTemp:
end
