cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation



[img]http://zupimages.net/up/17/31/cqay.png[/img]

[color=blue] Copies les lignes suivantes dans le cadre rouge[/color]


start::
CloseProcesses:
Hosts:
CreateRestorePoint:
C:\Windows\System32\srvany.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3645348317-1517958546-2996639927-741165\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CHR Profile: C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-09-18] <==== ATTENTION
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-24]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-24]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-24]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-24]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-04-18]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-24]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-28]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-24]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-20]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-20]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-20]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-20]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-05-06]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-20]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-11]
CHR Extension: (Pas de nom) - C:\Users\cyrille.basin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3645348317-1517958546-2996639927-741165\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
R2 O2SDIOAssist; C:\windows\system32\srvany.exe [8192 2003-04-18] () [Fichier non signé]
S2 thacationqkkmodulesrv; "C:\Program Files\Thacationqkk\thacationqkkmodulesrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]
Popcorn Time (HKLM\...\Popcorn Time_is1) (Version: 5.5.1.2 - Popcorn Time) <==== ATTENTION
Rocket (HKU\S-1-5-21-3645348317-1517958546-2996639927-741165\...\Rocket) (Version: 31.0.1650.23 - Rocket) <==== ATTENTION
Search App by Ask (HKLM\...\{4F524A2D-5350-4500-76A7-A758B70C2802}) (Version: 12.40.2.466 - APN, LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3645348317-1517958546-2996639927-741165_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\cyrille.basin\AppData\Local\Rocket\Application\31.0.1650.23\delegate_execute.exe" => Pas de fichier
2013-11-26 19:44 - 2003-04-18 14:36 - 000008192 _____ () C:\windows\system32\srvany.exe
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94CBE561-B01E-44B1-ABA5-7599080448F1}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94CBE561-B01E-44B1-ABA5-7599080448F1}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{94CBE561-B01E-44B1-ABA5-7599080448F1}
C:\WINDOWS\System32\Tasks\{D24F8DCF-6DA2-43AC-93C1-8B1DD3584FEE}
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|IDSCCOMP5O
C:\Program Files\SpaceSoundPro\idsccom_P5O.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{2F2624FA-BB21-4E2E-80F6-E51F88A5697F}C:\users\cyrille.basin\appdata\local\popcorn time\node-webkit\popcorn time.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{C10192CE-5A0D-44ED-A60B-A229FB486F17}C:\users\cyrille.basin\appdata\local\popcorn time\node-webkit\popcorn time.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{A5D25C40-5BF1-487D-A4E6-438C0C483193}C:\users\cyrille.basin\appdata\local\popcorn time\node-webkit\popcorn time.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{12FDDEB3-824D-47D6-948C-46FDCE57F219}C:\users\cyrille.basin\appdata\local\popcorn time\node-webkit\popcorn time.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{BD1071CA-A93B-4058-B2D5-FB7AB505B914}C:\users\cyrille.basin\appdata\local\popcorn time\nw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EFC1AF2E-6CFD-4427-B85A-40D937FC18B4}C:\users\cyrille.basin\appdata\local\popcorn time\nw.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{4179CF72-0F78-4D77-9D52-4A3C39BFE458}D:\0perso\rayon x\rayons x\downloads\popcorn-time-0-3-9-beta\win32\popcorn-time.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{9543F86F-6835-40C2-B9AB-A372A0265D35}D:\0perso\rayon x\rayons x\downloads\popcorn-time-0-3-9-beta\win32\popcorn-time.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{7A445520-D0FB-4097-974A-28EF79A48CFB}D:\0perso\rayon x\rayons x\downloads\popcorn-time-0-3-9-beta\win32\popcorn-time.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{DEBFA8B0-E0CE-4DB9-B762-7719C53B39CF}D:\0perso\rayon x\rayons x\downloads\popcorn-time-0-3-9-beta\win32\popcorn-time.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B8682D53-6097-46F1-9509-343C5CD7DAE1}
C:\Program Files\Popcorn Time\Updater.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FCFE4A4D-5CA5-4369-8DED-399E4C06C570}
C:\Program Files\Popcorn Time\Updater.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{27079DF8-2338-4652-BD45-1328BFA6EB9B}
C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{51628D1F-BB27-47FD-834A-FD80EF3D370B}
C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\08738A96A4853A52ACEF23F782E8E1FEA7BCED02
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\09271DD621EBD3910C2EA1D059F99B8181405A17
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\09FF2CC86CEEFA8A8BB3F2E3E84D6DA3FABBF63E
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\23EF3384E21F70F034C467D4CBA6EB61429F174E
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\330D8D3FD325A0E5FDDDA27013A2E75E7130165F
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\374D5B925B0BD83494E656EB8087127275DB83CE
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3A26012171855D4020C973BEC3F4F9DA45BD2B83
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4D8547B7F864132A7F62D9B75B068521F10B68E3
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4DF13947493CFF69CDE554881C5F114E97C3D03B
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4ED8AA06D1BC72CA64C47B1DFE05ACC8D51FC76F
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\587B59FB52D8A683CBE1CA00E6393D7BB923BC92
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5CE339465F41A1E423149F65544095404DE6EBE2
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5D5185DF1EB7DC76015422EC8138A5724BEE2886
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\6690C02B922CBD3FF0D0A5994DBD336592887E3F
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7613BF0BA261006CAC3ED2DDBEF343425357F18B
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\838FFD509DE868F481C29819992E38A4F7082873
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\8977E8569D2A633AF01D0394851681CE122683A6
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A1505D9843C826DD67ED4EA5209804BDBB0DF502
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A221D360309B5C3C4097C44CC779ACC5A9845B66
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A35A8C727E88BCCA40A3F9679CE8CA00C26789FD
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A7B5531DDC87129E2C3BB14767953D6745FB14A6
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A81706D31E6F5C791CD9D3B1B9C63464954BA4F5
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\BED412B1334D7DFCEBA3015E5F9F905D571C45CF
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\C69F28C825139E65A646C434ACA5A1D200295DB1
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D0BB3E3DFBFB86C0EEE2A047E328609E6E1F185E
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D43153C8C25F0041287987250F1E3CABAC8C2177
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D8CE8D07F9F19D2569C2FB854401BC99C1EB7C3B
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E38A2B7663B86796436D8DF5898D9FAA6835B238
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E95DD86F32C771F0341743EBD75EC33C74A3DED9
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E9809E023B4512AA4D4D53F40569C313C1D0294D
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F5A874F3987EB0A9961A564B669A9050F770308A
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F92BE5266CC05DB2DC0DC3F2DC74E02DEFD949CB
DeleteKey: HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97


EmptyTemp:
end::

Corrige et heberge le rapport fixlog

@+

Publicité

Signaler le contenu de ce document

Publicité