cjoint

Document format: text/plain

Preview

start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-3001791725-1427797241-1862162955-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
S3 cpuz134; \??\C:\Users\User\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
S3 cpuz135; \??\C:\Users\User\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X] <==== ATTENTION
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2014-12-31 13:36 - 2014-12-31 13:36 - 0000046 _____ () C:\Users\User\AppData\Roaming\WB.CFG
Task: {01D1D9A5-E133-4735-9549-A725F687FAAE} - System32\Tasks\{9932A8FB-A8AB-449B-B4B5-ACC5A1548B1C} => pcalua.exe -a C:\Users\User\AppData\Local\Temp\Temp9_ecb_lbp.zip\LBP.EXE <==== ATTENTION
Task: {2CD1C35D-988D-4E12-86A8-0519B95EF013} - System32\Tasks\{22A4282A-EFF0-4739-843F-F4E66899822B} => pcalua.exe -a C:\Users\User\AppData\Local\Temp\Temp8_ecb_lbp.zip\LBP.EXE <==== ATTENTION
Task: {59FC1F1B-D6C9-4FD5-90AC-77DB0882AC45} - System32\Tasks\gMAcKIGiouen6fiHpyQDXIhhY => C:\Users\User\AppData\Roaming\gMAcKIGiouen6fiHpyQDXIhhY.exe <==== ATTENTION
Task: {9487A3E3-3FCB-41EB-9F85-3FB6B1DB428B} - System32\Tasks\mYOLXx9Iv6sEku44toU3mAXS6iC => C:\Users\User\AppData\Roaming\mYOLXx9Iv6sEku44toU3mAXS6iC.exe <==== ATTENTION
Task: C:\Windows\Tasks\gMAcKIGiouen6fiHpyQDXIhhY.job => C:\Users\User\AppData\Roaming\gMAcKIGiouen6fiHpyQDXIhhY.exe <==== ATTENTION
Task: C:\Windows\Tasks\mYOLXx9Iv6sEku44toU3mAXS6iC.job => C:\Users\User\AppData\Roaming\mYOLXx9Iv6sEku44toU3mAXS6iC.exe <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKU\S-1-5-21-3001791725-1427797241-1862162955-1000\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION


EmptyTemp:
end
