Posté le 11 janvier 2017
Télécharger | Reposter | Largeur fixe

start
CreateRestorePoint:
CloseProcesses:
URLSearchHook: HKLM - (Pas de nom) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - Pas de fichier
SearchScopes: HKLM -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBFnYN5R-SRTQR4zPSPlbKdkH6CEUjkSSTETYhnaWHwbkiqyd9YhVBbMI0EHaI3GhPH38G_lgCPv8Nl_NowPppzVsQQKwCaA5VdMd8lVob2joU9mPlAZjwl3G8z4IeZIkJfLY4mjPHnAioyrWA3Sa1nSzpcIPk5eNyZ0CGz0Bm2pxJUzue9gKvpiRmK&q={searchTerms}
SearchScopes: HKLM -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://home.speedbit.com/search.aspx?aff=115&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=431&sr=0&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=209&systemid=488&v=a13277-343&apn_uid=2571436552134440&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1685727251-3317793287-2057527148-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://blekko.com/ws/?source=a92683ac&tbp=rbox&toolbarid=zgametb&u=D2FFE6393CA5E1FC94E09751FA394E7E&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1685727251-3317793287-2057527148-1000 -> {6D387881-7B1F-40C8-AE4B-27F110E44121} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851639
SearchScopes: HKU\S-1-5-21-1685727251-3317793287-2057527148-1000 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1685727251-3317793287-2057527148-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=431&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1685727251-3317793287-2057527148-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=209&systemid=488&v=a13277-343&apn_uid=2571436552134440&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1685727251-3317793287-2057527148-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBFnYN5R-SRTQR4zPSPlbKdkH6CEUjkSSTETYhnaWHwbkiqyd9YhVBbMI0EHaI3GhPH38G_lgCPv8Nl_NowPppzVsQQKwCaA5VdMd8lVob2joU9mPlAZjwl3G8z4IeZIkJfLY4mjPHnAioyrWA3Sa1nSzpcIPk5eNyZ0CGz0Bm2pxJUzue9gKvpiRmK&q={searchTerms}
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2012-03-21] (Yahoo! Inc.)
BHO: Pas de nom -> {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} -> Pas de fichier
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2012-03-21] (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-1685727251-3317793287-2057527148-1000 -> Pas de nom - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - Pas de fichier
FF HKU\S-1-5-21-1685727251-3317793287-2057527148-1000\...\Firefox\Extensions: [ffox@bandoo.com] - C:\Users\Christan-Karol\AppData\Roaming\Mozilla\Firefox\Profiles\l7zh3o0f.default\extensions\ffox@bandoo.com => non trouvé(e)
FF HKU\S-1-5-21-1685727251-3317793287-2057527148-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Christan-Karol\AppData\Roaming\IDM\idmmzcc5 => non trouvé(e)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2014-07-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\findit.xml [2017-01-06]
CHR HomePage: ChromeDefaultData2 -> hxxp://www.youndoo.com/?z=7e2b143b1ea7abd3ef0764fgfz1b9c9mac1o2tfmcm&from=amz&uid=WDCXWD5000BEVT-22A0RT0_WD-WXK1AA0C6788C6788&type=hp
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.youndoo.com/?z=7e2b143b1ea7abd3ef0764fgfz1b9c9mac1o2tfmcm&from=amz&uid=WDCXWD5000BEVT-22A0RT0_WD-WXK1AA0C6788C6788&type=hp"
CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=7e2b143b1ea7abd3ef0764fgfz1b9c9mac1o2tfmcm&from=amz&uid=WDCXWD5000BEVT-22A0RT0_WD-WXK1AA0C6788C6788&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData2 -> youndoo
CHR DefaultSuggestURL: ChromeDefaultData2 -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Plugin: (Conduit Chrome Approve TB Plugin) - C:\Users\Christan-Karol\AppData\Local\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib\2.3.19.11_0\plugins/ChromeApproveTBPlugin.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll => Pas de fichier
CHR Plugin: (QuickTime Plug-in 7.1.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll => Pas de fichier
CHR Profile: C:\Users\Christan-Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-01-09]
CHR Extension: (uTorrentBar_FR) - C:\Users\Christan-Karol\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib [2017-01-07]
CHR Extension: (easychrome) - C:\Users\CHRIST~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk [2017-01-06]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx <non trouvé(e)>
CHR HKLM\...\Chrome\Extension: [dloejdefkancmfajekobpfoacecnhpgp] - C:\Program Files\Bandoo\ChromePackage.crx [2012-01-22]
CHR HKLM\...\Chrome\Extension: [jmolcgpienlcieaajfkkdamlngancncm] - C:\Program Files\Internet Download Manager\IDMGCExt.crx <non trouvé(e)>
CHR HKLM\...\Chrome\Extension: [paoponfhfdfnjgddpnpjkambkcgdaaib] - C:\Users\Christan-Karol\AppData\Local\CRE\paoponfhfdfnjgddpnpjkambkcgdaaib.crx [2012-05-31]
CHR HKU\S-1-5-21-1685727251-3317793287-2057527148-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [paoponfhfdfnjgddpnpjkambkcgdaaib] - C:\Users\Christan-Karol\AppData\Local\CRE\paoponfhfdfnjgddpnpjkambkcgdaaib.crx [2012-05-31]
R2 Gruvch; C:\Program Files\Drertise\WerheknideghtCnf.dll [179200 2017-01-06] () [Fichier non signé]
R2 KMService; C:\Windows\system32\srvany.exe [8192 2003-04-18] () [Fichier non signé]
R2 KuaizipUpdateChecker; C:\Program Files\¿ìѹ\X86\kuaizipUpdateChecker.dll [219032 2017-01-06] ()
R2 NetUtils2016srv; C:\Windows\system32\NetUtils2016.exe [470592 2017-01-06] ()
R2 SaFiSvc; C:\Program Files\SaFiPlayer\SaFiSvc.dll [324336 2017-01-03] ()
S2 Ilaaugca; "C:\Users\Christan-Karol\AppData\Roaming\JucdiJhnoz\Rawei.exe" -cms [X]
S2 Vefise; C:\Program Files\Drertise\StelageLauncher.dll [X]
R3 dtldrvhelp; c:\program files\safiplayer\dtldrvhelp.sys [54352 2016-12-29] ()
R2 KuaiZipDrive; C:\Windows\system32\drivers\KuaiZipDrive.sys [68128 2017-01-06] (WinMount International Inc)
R1 NetUtils2016; C:\Windows\system32\drivers\NetUtils2016.sys [691832 2017-01-06] ()
U0 aswVmm; pas de ImagePath
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
2017-01-08 14:45 - 2017-01-08 17:15 - 00000000 ____D C:\Users\Christan-Karol\Downloads\Kaspersky Internet Security 2016 v16.0.0.614 Build 8529 [UplaoderKing]
2017-01-08 14:37 - 2017-01-08 14:37 - 00014690 _____ C:\Users\Christan-Karol\Downloads\KasperskyInternetSecurity2016v16.0.0.614-Build8529 - ThePirateBay.TO.torrent
2017-01-08 13:53 - 2017-01-08 13:53 - 00028553 _____ C:\Users\Christan-Karol\Downloads\KasperskyInternetSecurity2016v16.0.0.614Build8529Incl.TrialResetUplaoderKing - ThePirateBay.TO.torrent
2017-01-08 13:17 - 2017-01-08 13:17 - 00036487 _____ C:\Users\Christan-Karol\Downloads\AvastInternetSecurityPremierAntivirus2016Build11.1.2245Keys - ThePirateBay.TO.torrent
2017-01-07 22:15 - 2017-01-08 14:30 - 00000000 ____D C:\Users\Christan-Karol\Downloads\avast! Pro Antivirus+Internet Security 2016 11.1.2245 Final Incl lic-=TEAM OS=-
2017-01-07 22:15 - 2017-01-07 22:15 - 00016635 _____ C:\Users\Christan-Karol\Downloads\avastProAntivirusInternetSecurity201611.1.2245FinalIncllic-TEAMOS - ThePirateBay.TO.torrent
2017-01-07 21:37 - 2017-01-07 21:37 - 00019788 _____ C:\Users\Christan-Karol\Downloads\AvastPremier2016AntivirusKeysIncludedOS4World - ThePirateBay.TO.torrent
2017-01-07 21:03 - 2017-01-07 21:03 - 00018638 _____ C:\Users\Christan-Karol\Downloads\avast-pro-antivirus-crack-licence-jusqu-en-2025(1).torrent
2017-01-07 21:01 - 2017-01-07 21:01 - 00018638 _____ C:\Users\Christan-Karol\Downloads\avast-pro-antivirus-crack-licence-jusqu-en-2025.torrent
2017-01-06 21:05 - 2017-01-07 17:38 - 00000000 ____D C:\Program Files\FJBJW4ZD22
2017-01-06 21:04 - 2017-01-07 17:47 - 00000000 ____D C:\ProgramData\33115322-6c61-1
2017-01-06 21:04 - 2017-01-07 17:47 - 00000000 ____D C:\ProgramData\33115322-3427-0
2017-01-06 21:02 - 2017-01-06 21:06 - 00000000 ____D C:\Users\Christan-Karol\AppData\Local\Gishatpution
2017-01-06 21:02 - 2017-01-06 21:03 - 00000000 ____D C:\Program Files\Terule
2017-01-06 20:42 - 2017-01-06 20:42 - 00301711 _____ (zdengine) C:\Windows\system32\zdengine.dll
2017-01-06 20:42 - 2017-01-06 20:42 - 00009696 _____ C:\Windows\system32\zdengineOff.ini
2017-01-06 20:36 - 2017-01-06 20:36 - 00000000 ____D C:\Users\Christan-Karol\AppData\Local\tuto_monetize_120170105
2017-01-06 20:34 - 2017-01-06 20:34 - 00000000 ____D C:\Windows\system32\ber
2017-01-06 20:29 - 2017-01-06 20:29 - 00000000 ____D C:\Program Files\Ckernodruqaward Launcher
2017-01-06 20:27 - 2017-01-06 21:22 - 00000000 ____D C:\Users\Christan-Karol\AppData\Roaming\Rinisifosp
2017-01-06 20:26 - 2017-01-06 20:27 - 00000000 ____D C:\Program Files\Drertise
2017-01-06 20:16 - 2017-01-06 20:16 - 00439808 _____ C:\ProgramData\smp2.exe
2017-01-06 20:15 - 2017-01-07 19:07 - 00000000 ____D C:\Users\Christan-Karol\AppData\Roaming\Xeeedxi
2017-01-06 20:15 - 2017-01-07 17:30 - 00000000 ____D C:\Program Files\mpck
2017-01-06 20:15 - 2017-01-06 21:09 - 00000000 ____D C:\Program Files\ScreenShared
2017-01-06 20:15 - 2017-01-06 20:16 - 00000000 ____D C:\Users\Christan-Karol\AppData\Local\Tempfolder
2017-01-06 17:38 - 2017-01-06 17:38 - 00000000 ____D C:\Program Files\UCBrowser
2017-01-06 17:37 - 2017-01-07 17:50 - 00000000 ____D C:\ProgramData\Zaamlas
2017-01-06 17:36 - 2017-01-07 17:47 - 00000000 ____D C:\Program Files\Common Files\Sumdamnix
2017-01-06 17:36 - 2017-01-06 21:21 - 00000000 ____D C:\Windows\system32\SSL
2017-01-06 17:36 - 2017-01-06 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaFiPlayer
2017-01-06 17:35 - 2017-01-07 19:06 - 00000000 ____D C:\Users\Christan-Karol\AppData\Roaming\KuaiZip
2017-01-06 17:35 - 2017-01-07 18:48 - 00000000 __SHD C:\Users\Christan-Karol\AppData\Local\svchost
2017-01-06 17:35 - 2017-01-07 17:50 - 00000000 ____D C:\ProgramData\Zaamla
2017-01-06 17:35 - 2017-01-06 20:43 - 00000002 _____ C:\END
2017-01-06 17:35 - 2017-01-06 17:36 - 00000000 ____D C:\Program Files\SaFiPlayer
2017-01-06 17:35 - 2017-01-06 17:35 - 07316480 _____ C:\Users\Christan-Karol\AppData\Roaming\agent.dat
2017-01-06 17:35 - 2017-01-06 17:35 - 01907105 _____ C:\Users\Christan-Karol\AppData\Roaming\Zimhold.tst
2017-01-06 17:35 - 2017-01-06 17:35 - 00126464 _____ C:\Users\Christan-Karol\AppData\Roaming\noah.dat
2017-01-06 17:35 - 2017-01-06 17:35 - 00070704 _____ C:\Users\Christan-Karol\AppData\Roaming\Config.xml
2017-01-06 17:35 - 2017-01-06 17:35 - 00068128 _____ (WinMount International Inc) C:\Windows\system32\Drivers\KuaiZipDrive.sys
2017-01-06 17:35 - 2017-01-06 17:35 - 00018432 _____ C:\Users\Christan-Karol\AppData\Roaming\Main.dat
2017-01-06 17:35 - 2017-01-06 17:35 - 00005568 _____ C:\Users\Christan-Karol\AppData\Roaming\md.xml
2017-01-06 17:35 - 2017-01-06 17:35 - 00001031 _____ C:\Users\Christan-Karol\Desktop\MaohaWiFi.lnk
2017-01-06 17:35 - 2017-01-06 17:35 - 00000954 _____ C:\Users\Christan-Karol\AppData\Roaming\Microsoft\Windows\Start Menu\¿ìѹ.lnk
2017-01-06 17:35 - 2017-01-06 17:35 - 00000000 ____D C:\Users\Christan-Karol\AppData\Roaming\Softlink
2017-01-06 17:35 - 2017-01-06 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaohaWiFi
2017-01-06 17:35 - 2017-01-06 17:35 - 00000000 ____D C:\Program Files\Peditain Helper
2017-01-06 17:35 - 2017-01-06 17:35 - 00000000 ____D C:\Program Files\Maoha
2017-01-06 17:35 - 2017-01-06 17:35 - 00000000 ____D C:\Program Files\¿ìѹ
2017-01-06 17:34 - 2017-01-07 17:49 - 00000000 ____D C:\ProgramData\NetworkPacketManitor
2017-01-06 17:34 - 2017-01-07 17:22 - 00000000 ____D C:\Program Files\BestCleaner
2017-01-06 17:34 - 2017-01-06 21:09 - 00000000 ____D C:\Users\Christan-Karol\AppData\Roaming\Arerkek
2017-01-06 17:34 - 2017-01-06 20:28 - 00000000 ____D C:\Users\Christan-Karol\AppData\Local\Arvury
2017-01-06 17:34 - 2017-01-06 17:34 - 00000000 ____D C:\Users\Christan-Karol\AppData\Local\Reiveshkojck
2017-01-06 17:34 - 2017-01-06 17:34 - 00000000 ____D C:\Users\Christan-Karol\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
2017-01-06 17:34 - 2017-01-06 17:34 - 00000000 ____D C:\Program Files\Pheroghtlqale Collector
2017-01-06 17:34 - 2017-01-06 17:34 - 00000000 ____D C:\Program Files\Hoqushnusiward
2017-01-06 17:33 - 2017-01-07 18:41 - 00000000 ____D C:\Users\Christan-Karol\AppData\Local\9C2A1641-1483724026-1634-A3D4-1C7508497DF2
2017-01-06 17:33 - 2017-01-07 17:46 - 00000000 ____D C:\Program Files\CleanBrowser
2017-01-06 17:33 - 2017-01-07 17:39 - 00000000 ____D C:\Program Files\OtherSearch
2017-01-06 17:33 - 2017-01-07 17:16 - 00000000 ____D C:\Program Files\PWWYWIST8N
2017-01-06 17:33 - 2017-01-06 17:34 - 00016224 _____ C:\Users\Christan-Karol\AppData\Roaming\InstallationConfiguration.xml
2017-01-06 17:33 - 2017-01-06 17:33 - 00140288 _____ C:\Users\Christan-Karol\AppData\Roaming\Installer.dat
2017-01-06 17:33 - 2017-01-06 17:33 - 00000334 _____ C:\Users\Christan-Karol\Desktop\Booking.com.url
2017-01-06 17:33 - 2017-01-06 17:33 - 00000329 _____ C:\Users\Christan-Karol\Desktop\AliExpress.url
2017-01-06 17:33 - 2017-01-06 17:33 - 00000000 ____D C:\Users\Christan-Karol\AppData\Roaming\Note-UP
2017-01-06 17:33 - 2017-01-06 17:33 - 00000000 ____D C:\Users\Christan-Karol\AppData\Roaming\gplyra
2017-01-06 17:33 - 2017-01-06 17:33 - 00000000 _____ C:\TOSTACK
2017-01-06 17:32 - 2017-01-09 10:17 - 00510016 _____ C:\Windows\system32\NetUtils2016.dll
2017-01-06 17:32 - 2017-01-06 17:34 - 00000000 ____D C:\Users\Christan-Karol\AppData\Roaming\Microleaves
2017-01-06 17:32 - 2017-01-06 17:32 - 00691832 _____ C:\Windows\system32\Drivers\NetUtils2016.sys
2017-01-06 17:32 - 2017-01-06 17:32 - 00470592 _____ C:\Windows\system32\NetUtils2016.exe
2017-01-06 17:32 - 2017-01-06 17:32 - 00000000 __SHD C:\Windows\system32\%APPDATA%
2017-01-06 17:32 - 2017-01-06 17:32 - 00000000 ____D C:\Windows\system32\sstmp
2017-01-06 17:32 - 2017-01-06 17:32 - 00000000 ____D C:\Users\Christan-Karol\AppData\Roaming\HDWallPaper
2017-01-05 22:10 - 2017-01-08 14:30 - 00000000 ____D C:\Users\Christan-Karol\Downloads\Avast Pro Antivirus French+Crack
c:\Program Files\Bandoo
C:\Program Files\Alfa Programs
C:\Program Files\HDWallPaper
C:\PROGRA~1\F85A~1
C:\Users\Christan-Karol\AppData\Roaming\JucdiJhnoz
C:\Windows\system32\srvany.exe
C:\Windows\system32\drivers\KuaiZipDrive.sys
Task: {5178BA4B-764E-422D-A177-A3D7C9AFAA3D} - System32\Tasks\{009666AC-0215-437C-9255-BCF2FE0329F5} => pcalua.exe -a "C:\Program Files\BestCleaner\uninstaller.exe"
Task: {74D85F44-61CF-44BD-ACDB-F3F8F2B45584} - System32\Tasks\HDWallPaper => C:\Program Files\HDWallPaper\HDWallPaper.exe
Task: {C1AEAAA0-0E96-4DD2-823F-500F8EF0E124} - System32\Tasks\Fohghreercosp Server => C:\Program Files\Hoqushnusiward\veerck.exe [2017-01-06] (Glarysoft Ltd)
Task: {E33E87A8-CF88-4EA7-9B12-E41ED3C9D85C} - System32\Tasks\KuaiZip_Update => C:\PROGRA~1\F85A~1\X86\Update.exe
Task: {FA763CEF-935F-4156-B786-0CA0B3548658} - System32\Tasks\Tajuryhecation Log => C:\Program Files\Terule\hpesh.exe [2017-01-06] (Glarysoft Ltd)
WMI_ActiveScriptEventConsumer_ASEC:
ShortcutWithArgument: C:\Users\Christan-Karol\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\CHRIST~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Christan-Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\CHRIST~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Christan-Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Christan-Karol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\CHRIST~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Christan-Karol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Christan-Karol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\CHRIST~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Christan-Karol\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\CHRIST~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\CHRIST~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine => ""="service"
Hosts:
cmd: netsh winsock reset
cmd: ipconfig /flushdns
Tcpip\..\Interfaces\{2FAA90AF-010F-41F5-AA2C-486B75C5F7A2}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{312FD2C1-34B0-48BE-9741-65C2E8B96CD5}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{36EBE65D-FFE7-416E-89FE-84E1BB6293D3}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{58EFEB68-4C61-40B1-A196-7A6185EAD1D5}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{631CA9D7-284C-4CCD-B21A-EF886E16D5F9}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{6D8DDF30-4462-4771-8D48-AF1F658997B7}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{746A4C7C-1AAA-464A-9B9F-727A76D1B6DC}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{9568909E-4E0C-4FA8-A3DC-68F48A8DB9C8}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{A0C327A9-0907-4B8E-91AC-891886C3D56D}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{AF4CD1CE-65D7-49C0-BA3E-79D545FB936D}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{B66D8929-11DD-433F-989B-3E2583BBD4BB}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{C6968309-0275-4A5E-9F46-760E79EED8DC}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{F8F1F190-D940-4FA9-A4A4-E0565F33EC9D}: [NameServer] 104.197.191.4
EmptyTemp:
end

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.