
Format du document : text/plain


McComponentHostService;s
LiveUpdate Notice Ex;s
LiveUpdate Notice Service;s
Planificateur LiveUpdate automatique;s
LiveUpdate 3.2 (Symantec Corporation);u
LiveUpdate Notice (Symantec Corporation);u
McAfee Security Scan Plus;u
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center];r
"UacDisableNotify"=-;r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser];r
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=-;r
"{F2CF5485-4E02-4F68-819C-B92DE9277049}"=-;r
"{ED4BD629-C1B6-4399-8A34-02CCAA921DC9}"=-;r
[-HKEY_CURRENT_USER\Software\BrowserOptout];r
[-HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications];r
[-HKEY_CURRENT_USER\Software\MVVDSGW];r
[-HKEY_LOCAL_MACHINE\Software\32f5ca0c-be62-4ce5-9e7f-1509ac7b7b01];r
[-HKEY_LOCAL_MACHINE\Software\BrowserOptout];r
[-HKEY_LOCAL_MACHINE\Software\McAfee.com];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\WinSock2];r
[-HKEY_LOCAL_MACHINE\Software\mcafeeupdater];r
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"FreeMi UPnP Media Server"=-;r
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
"Symantec PIF AlertEng"=-;r
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1669a1d3-13cd-11df-b8a4-001bb9d1439e}];r
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64a219a9-2f1a-11e4-afe4-001bb9d1439e}];r
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules];r
"{D14584B6-7E81-41AF-A6CA-D133BB105F00}"=-;r
"{CD6148E5-84F2-443B-8504-65C5A6F7587A}"=-;r
[-HKEY_CLASSES_ROOT\CLSID\{56A45471-9392-433a-9DC8-16D1141D49C2}];r
{56A45471-9392-433a-9DC8-16D1141D49C2};c
[-HKEY_LOCAL_MACHINE\Software\Canneverbe Limited\OpenCandy];r
C:\Users\patrice.sandra\Documents\Mes films\SweetImSetup.exe;f
C:\Program Files\McAfee Security Scan;fs
C:\Program Files\Common Files\Symantec Shared;fs
C:\Program Files\Symantec;fs
C:\Users\patrice.sandra\AppData\Roaming\MVVDSGW.exe;f
C:\Users\patrice.sandra\AppData\Roaming\RSA.exe;f
C:\Program Files\CinemaP-1.3c;fs
E:\_ISDEL.exe;f
G:\ReadMe.exe;f
F:\Startme.exe;f
C:\Windows\Tasks\CreateChoiceProcessTask.job;f
C:\Windows\Tasks\MVVDSGW.job;f
C:\Windows\System32\Tasks\MVVDSGW;f
C:\Windows\Tasks\RSA.job;f
C:\Windows\System32\Tasks\RSA;f
C:\Windows\Tasks\temp_0bd2f864-89c5-4020-9b18-e2ee0c1c60e6-2.job;f
C:\Windows\System32\Tasks\temp_0bd2f864-89c5-4020-9b18-e2ee0c1c60e6-2;f
C:\Program Files\b4bdb80d-a644-43db-9f8c-85efdc9821f3;fs
C:\Program Files\Software;fs
C:\ProgramData\McAfee Security Scan;fs
C:\ProgramData\OmyIBQNuret;fs
C:\ProgramData\Package Cache;fs
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus;f
C:\Users\patrice.sandra\AppData\Local\CFM;fs
C:\Users\patrice.sandra\AppData\Local\Software;fs
C:\Users\patrice.sandra\AppData\Local\StormAlert;fs
C:\Windows\System32\${LOGFILE};f
C:\Users\patrice.sandra\Downloads\adwcleaner_4-102_fr_430277.exe;f
C:\Windows\Installer\5b7a814.msi;f
C:\Users\patrice.sandra\AppData\Local\Temp\*.*
C:\Users\patrice.sandra\AppData\Local\Temp\*
ipconfig /flushdns >> C:\zoek-results.log;b
netsh winsock reset >> C:\zoek-results.log;b
standardsearch;
drivers-services-list;
installedprogs;
installer-list;
uninstall-list;
torpigcheck;
srinfo;
hostslook;
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost" /v netsvcs /se "%" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components" /s >> C:\zoek-results.log;b
%temp%\*.exe;vs
%SYSTEMDRIVE%\*.exe;v
%ALLUSERSPROFILE%\Application Data;v
%ALLUSERSPROFILE%\Application Data\*.exe;vs
%APPDATA%;v
%APPDATA%\*.exe;vs
C:\Windows\system32\consrv.dll;i
%SystemDrive%\$RECYCLE.BIN;vs
%SystemDrive%\RECYCLER;vs
%SystemRoot%\assembly\GAC;v
%SystemRoot%\assembly\GAC_32;v
%SystemRoot%\assembly\GAC_64;v
reg query "HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32" >> C:\zoek-results.log;b
%WINDIR%\pss;v
%LOCALAPPDATA%;v
%LOCALAPPDATA%\Google\Desktop;vs
C:\Program Files\Google\Desktop;vs
C:\Program Files (x86)\Google\Desktop;vs
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce" >> C:\zoek-results.log;b
%systemroot%\System32\config\*.sav;v
reg query "HKEY_LOCAL_MACHINE\SOFTWARE" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\SOFTWARE" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet" /s >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet" /s >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center" /s >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\shell\openas\command" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /f "{*}" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /f "TCP Query User" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /f "UDP Query User" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v DhcpNameServer >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v NameServer >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces" /s /v DhcpNameServer >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces" /s /v NameServer >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" /s /v DLLName >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" /s /v DLLName >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s /v Debugger >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s /v Debugger >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s /v BreakOnDllLoad >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s /v BreakOnDllLoad >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2" /s /f "command" > %LOCALAPPDATA%\Temp\mount.txt;b
for /f %%i in (%LOCALAPPDATA%\Temp\mount.txt) do reg query %%i >> C:\zoek-results.log;b
nslookup www.google.fr >> C:\zoek-results.log;b
dir /AL /S C:\ >> C:\zoek-results.log;b
emptyclsid;
emptyfolderscheck;delete
msconfigcheck;
shortcutfix;
emptyalltemp;
