Publicité
Publicité
Format du document : text/plain
Prévisualisation
start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2485271753-2310002785-363397595-1004\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQcQEMWQ8VQBgWdQsPTA1BRVAOIQgIBBRFEA0VcgkBVwBCEQQFIk0FA1ADB0VXfVBdFElXTwhrKV5QMk0QSEdQ
HKU\S-1-5-21-2485271753-2310002785-363397595-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__161128__yaie
URLSearchHook: HKLM - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll Pas de fichier
URLSearchHook: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll Pas de fichier
SearchScopes: HKLM -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTSEcFME0FCFwEURNNfXFRBlEiVVRKMko=&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTSEcFME0FCFwEURNNfXFRBlEiVVRKMko=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTSEcFME0FCFwEURNNfXFRBlEiVVRKMko=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTSEcFME0FCFwEURNNfXFRBlEiVVRKMko=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=jomedia&id=dlsecuretb&v=1_0&ent=ch_6277&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {6C106D83-F7AF-41ED-A6C4-92E20C0AACFB} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851639&CUI=UN32845429984940194&UM=1
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__161128__yaie&p={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\86fx9b4j.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__161128__yaff
FF Homepage: Mozilla\Firefox\Profiles\86fx9b4j.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__161128__yaff
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\13228603.js [2016-12-01] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\13228603.cfg [2016-12-01] <==== ATTENTION
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQcQEMWQ8VQBgWdQsPTA1BRVAOIQgIBBRFEA0VcgkBVwBCEQQFIk0FA1oDB0VXfV5bFElXTwhrKV5QMk0QSEdQ"
CHR StartupUrls: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQcQEMWQ8VQBgWdQsPTA1BRVAOIQgIBBRFEA0VcgkBVwBCEQQFIk0FA1oDB0VXfV5bFElXTwhrKV5QMk0QSEdQ"
CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTQkcFME0FBloEURNNfXFRBlEiVVRKMko=&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAYSeA0AV10QDAAWcg4VVQkVRBhCcQldTA1AGQMRcAAOWApBEBNBNARaAktXUUEeJ1pNER8fHH1KJ1FrFVgYU0Y=
S3 cpuz134; \??\C:\Users\TAMBWE2\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] <==== ATTENTION
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEMBBMSD; System32\Drivers\ZTEMBBMSD.sys [X]
S3 ZTEusbMB; system32\DRIVERS\ZTEusbnmeaext2.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbnmeaext; system32\DRIVERS\ZTEusbnmeaext.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
S3 ZTEusbwwan; system32\DRIVERS\ZTEusbwwan.sys [X]
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.2.2 - Reimage) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2485271753-2310002785-363397595-1004_Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}\InprocServer32 -> C:\Users\TAMBWE2\AppData\Local\Conduit\Community Alerts\Alert.dll (ClientConnect Ltd.)
Task: {FE9FBAC4-0549-49CE-A73A-F1F9B74018A1} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2016-11-06] (Reimage®) <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:4F636E25 [133]
AlternateDataStreams: C:\ProgramData\TEMP:6A91BBD8 [127]
AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1 [100]
AlternateDataStreams: C:\ProgramData\TEMP:C95B63DA [104]
EmptyTemp:
end
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2485271753-2310002785-363397595-1004\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQcQEMWQ8VQBgWdQsPTA1BRVAOIQgIBBRFEA0VcgkBVwBCEQQFIk0FA1ADB0VXfVBdFElXTwhrKV5QMk0QSEdQ
HKU\S-1-5-21-2485271753-2310002785-363397595-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__161128__yaie
URLSearchHook: HKLM - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll Pas de fichier
URLSearchHook: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll Pas de fichier
SearchScopes: HKLM -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTSEcFME0FCFwEURNNfXFRBlEiVVRKMko=&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTSEcFME0FCFwEURNNfXFRBlEiVVRKMko=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTSEcFME0FCFwEURNNfXFRBlEiVVRKMko=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTSEcFME0FCFwEURNNfXFRBlEiVVRKMko=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=jomedia&id=dlsecuretb&v=1_0&ent=ch_6277&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {6C106D83-F7AF-41ED-A6C4-92E20C0AACFB} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851639&CUI=UN32845429984940194&UM=1
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-2485271753-2310002785-363397595-1004 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__161128__yaie&p={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\86fx9b4j.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__161128__yaff
FF Homepage: Mozilla\Firefox\Profiles\86fx9b4j.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__161128__yaff
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\13228603.js [2016-12-01] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\13228603.cfg [2016-12-01] <==== ATTENTION
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQcQEMWQ8VQBgWdQsPTA1BRVAOIQgIBBRFEA0VcgkBVwBCEQQFIk0FA1oDB0VXfV5bFElXTwhrKV5QMk0QSEdQ"
CHR StartupUrls: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQcQEMWQ8VQBgWdQsPTA1BRVAOIQgIBBRFEA0VcgkBVwBCEQQFIk0FA1oDB0VXfV5bFElXTwhrKV5QMk0QSEdQ"
CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQoJWQ1JF1FCbQwNUw5cFQVHJRRZUAkUDAESeA8KUQBHGAYTcR9aFQQTQkcFME0FBloEURNNfXFRBlEiVVRKMko=&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAYSeA0AV10QDAAWcg4VVQkVRBhCcQldTA1AGQMRcAAOWApBEBNBNARaAktXUUEeJ1pNER8fHH1KJ1FrFVgYU0Y=
S3 cpuz134; \??\C:\Users\TAMBWE2\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] <==== ATTENTION
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 ZTEMBBMSD; System32\Drivers\ZTEMBBMSD.sys [X]
S3 ZTEusbMB; system32\DRIVERS\ZTEusbnmeaext2.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbnmeaext; system32\DRIVERS\ZTEusbnmeaext.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
S3 ZTEusbwwan; system32\DRIVERS\ZTEusbwwan.sys [X]
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.2.2 - Reimage) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2485271753-2310002785-363397595-1004_Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}\InprocServer32 -> C:\Users\TAMBWE2\AppData\Local\Conduit\Community Alerts\Alert.dll (ClientConnect Ltd.)
Task: {FE9FBAC4-0549-49CE-A73A-F1F9B74018A1} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2016-11-06] (Reimage®) <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:4F636E25 [133]
AlternateDataStreams: C:\ProgramData\TEMP:6A91BBD8 [127]
AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1 [100]
AlternateDataStreams: C:\ProgramData\TEMP:C95B63DA [104]
EmptyTemp:
end