Publicité
Publicité
Format du document : text/plain
Prévisualisation
start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL =
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://ar.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {E8554DC9-DB89-42CE-BC14-20D94B5AB756} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-326591620-3134671043-2444896497-1000 -> DefaultScope {84317AB9-4A73-45B4-A382-2C8BE1857B62} URL = hxxp://www.google.ae/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7PRFB_enAE500
SearchScopes: HKU\S-1-5-21-326591620-3134671043-2444896497-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-326591620-3134671043-2444896497-1000 -> {84317AB9-4A73-45B4-A382-2C8BE1857B62} URL = hxxp://www.google.ae/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7PRFB_enAE500
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [No File]
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [No File]
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [No File]
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com => not found
S2 AVP15.0.0; "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe" -r [X]
S1 Avgdiskx; system32\DRIVERS\avgdiskx.sys [X]
S1 AVGIDSDriver; system32\DRIVERS\avgidsdriverx.sys [X]
S0 AVGIDSHX; system32\DRIVERS\avgidshx.sys [X]
S1 AVGIDSShim; system32\DRIVERS\avgidsshimx.sys [X]
S1 Avgldx86; system32\DRIVERS\avgldx86.sys [X]
S0 Avglogx; system32\DRIVERS\avglogx.sys [X]
S0 Avgmfx86; system32\DRIVERS\avgmfx86.sys [X]
S0 Avgrkx86; system32\DRIVERS\avgrkx86.sys [X]
S1 Avgtdix; system32\DRIVERS\avgtdix.sys [X]
S3 catchme; \??\C:\Users\soso\AppData\Local\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\Users\soso\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S1 kltdi; system32\DRIVERS\kltdi.sys [X]
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {2CED2805-E875-4174-9751-464B564F97BA} - \{715A44D0-37E8-4796-8880-3596A3537B1B} -> No File <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{0C1EB979-8EC7-46E8-8097-246957D6B94C}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{1434DD3D-0AF6-41E0-BB71-8C86010D9AF5}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{4B66DD3F-2E6E-4F7C-B38C-E32608820825}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{53DBCD97-3FDF-4B60-975B-2596B57482EF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{BA3D0120-E617-4F66-ADCA-585CC2FB86DB}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{CAFCE71A-72F0-41AD-A8A4-4F70CDD72381}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{D41C1E5B-0566-4BB1-BE72-1A5407349CA6}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{EE7F6B66-AC97-41CF-BD88-372DDB786DB6}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{F6CF0104-4F4A-4EBE-999D-A12D838E65B5}\InprocServer32 -> no filepath
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-326591620-3134671043-2444896497-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL =
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://ar.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {E8554DC9-DB89-42CE-BC14-20D94B5AB756} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-326591620-3134671043-2444896497-1000 -> DefaultScope {84317AB9-4A73-45B4-A382-2C8BE1857B62} URL = hxxp://www.google.ae/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7PRFB_enAE500
SearchScopes: HKU\S-1-5-21-326591620-3134671043-2444896497-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-326591620-3134671043-2444896497-1000 -> {84317AB9-4A73-45B4-A382-2C8BE1857B62} URL = hxxp://www.google.ae/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7PRFB_enAE500
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [No File]
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [No File]
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [No File]
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com => not found
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com => not found
S2 AVP15.0.0; "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe" -r [X]
S1 Avgdiskx; system32\DRIVERS\avgdiskx.sys [X]
S1 AVGIDSDriver; system32\DRIVERS\avgidsdriverx.sys [X]
S0 AVGIDSHX; system32\DRIVERS\avgidshx.sys [X]
S1 AVGIDSShim; system32\DRIVERS\avgidsshimx.sys [X]
S1 Avgldx86; system32\DRIVERS\avgldx86.sys [X]
S0 Avglogx; system32\DRIVERS\avglogx.sys [X]
S0 Avgmfx86; system32\DRIVERS\avgmfx86.sys [X]
S0 Avgrkx86; system32\DRIVERS\avgrkx86.sys [X]
S1 Avgtdix; system32\DRIVERS\avgtdix.sys [X]
S3 catchme; \??\C:\Users\soso\AppData\Local\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\Users\soso\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S1 kltdi; system32\DRIVERS\kltdi.sys [X]
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {2CED2805-E875-4174-9751-464B564F97BA} - \{715A44D0-37E8-4796-8880-3596A3537B1B} -> No File <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{0C1EB979-8EC7-46E8-8097-246957D6B94C}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{1434DD3D-0AF6-41E0-BB71-8C86010D9AF5}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{4B66DD3F-2E6E-4F7C-B38C-E32608820825}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{53DBCD97-3FDF-4B60-975B-2596B57482EF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{BA3D0120-E617-4F66-ADCA-585CC2FB86DB}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{CAFCE71A-72F0-41AD-A8A4-4F70CDD72381}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{D41C1E5B-0566-4BB1-BE72-1A5407349CA6}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{EE7F6B66-AC97-41CF-BD88-372DDB786DB6}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-326591620-3134671043-2444896497-1000_Classes\CLSID\{F6CF0104-4F4A-4EBE-999D-A12D838E65B5}\InprocServer32 -> no filepath
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end