cjoint


Document format: text/plain

Preview

SysRestore
O81 - IFC: Internet Feature Controls [HKCU] [FEATURE_BROWSER_EMULATION] -- svchost.exe
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442c-B14C-3D1081953C94}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442c-B14C-3D1081953C94}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\254796BF4AC84B64891B61C529A2E23F]
O44 - LFC:[MD5.2D93FA079B0673174122CFBD25DDDC7E] - 14/01/2013 - 20:37:25 ---A- . (...) -- C:\Windows\wmsetup.log [565]
O44 - LFC:[MD5.7E141CF0EC8BC3CD9F5DC5137A0F1DA2] - 14/01/2013 - 20:32:26 ---A- . (...) -- C:\Windows\DirectX.log [241676]
O53 - SMSR:HKLM\...\startupreg\5cd8f17f4086744065eb0992a09e05a2 [Key] . (...) -- C:\Users\seb et audrey\AppData\Local\Temp\Trojan.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\RebateInformer [Key] . (...) -- C:\Program Files (x86)\REBATE~1\REBATE~1.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Windows Update Server [Key] . (...) -- C:\Users\seb et audrey\2376b5a3-5930.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Yzyph [Key] . (...) -- C:\Users\seb et audrey\AppData\Roaming\Hecura\alty.exe (.not file.)
O45 - LFCP:[MD5.922BF5E8D85BF76C3808409E79747778] - 09/02/2013 - 16:44:42 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_FREE--8EA6C387.pf
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fe063dbb-4ec0-403e-8dd8-394c54984b2c}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888]
[HKLM\Software\BrowserChoice]
O43 - CFD: 12/01/2013 - 18:09:35 - [0,082] ----D C:\Users\seb et audrey\AppData\Roaming\ed129ebd-48dd-4e12-9898-0931dd4725d879
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
FirewallRaz
EmptyTemp
