cjoint

Document format: text/plain

Preview

start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:

HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\...\Run: [Reflector2] => [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\TOSHIBA\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2841341764-4259199002-3796252902-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://hi.ru/search.php?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2841341764-4259199002-3796252902-1001 -> {3FEA05DB-89BB-49D5-9D2D-A133B2282315} URL =
BHO-x32: No Name -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> No File
FF ProfilePath: C:\Users\TOSHIBA\AppData\Roaming\Mozilla\Firefox\Profiles\xwrr4w3r.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1449509032&z=071fa38d51e66878389080bg4z2z3t3w5w3o6c1odt&from=amt&uid=TOSHIBAXMK6475GSX_62E8YDMQFXX62E8YDMQF
FF Extension: No Name - C:\Users\TOSHIBA\AppData\Roaming\Mozilla\Firefox\Profiles\xwrr4w3r.default\extensions\deskCutv2@gmail.com [not found]
FF Extension: No Name - C:\Users\TOSHIBA\AppData\Roaming\Mozilla\Firefox\Profiles\xwrr4w3r.default\extensions\yahooprotected@gmail.com [not found]
CHR StartupUrls: Default -> "hxxp://www.mysites123.com/?type=hp&ts=1449509032&z=071fa38d51e66878389080bg4z2z3t3w5w3o6c1odt&from=amt&uid=TOSHIBAXMK6475GSX_62E8YDMQFXX62E8YDMQF"
CHR DefaultSearchURL: Default -> hxxp://www.mysites123.com/web/?type=ds&ts=1449509032&z=071fa38d51e66878389080bg4z2z3t3w5w3o6c1odt&from=amt&uid=TOSHIBAXMK6475GSX_62E8YDMQFXX62E8YDMQF&q={searchTerms}
CHR DefaultSearchKeyword: Default -> mysites123
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
U5 REALPLAYERUPDATESVC; no ImagePath
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
Task: {10F645F9-2BC0-4F39-9934-43A1AD8E741D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {29AB2A06-DBAD-46E9-BD4C-3C4890D16512} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {31C3E2DF-6126-40F3-9F34-2213E0027DE3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3739F668-3EA8-4DCA-9F5E-2B9AEEA7FDEB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {38323810-FE4C-4017-B135-E4A08249EA39} - \AutoKMS -> No File <==== ATTENTION
Task: {43244643-E956-41FF-BA01-28D9F323DD58} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5D401822-F02D-4163-B52C-CF1698E691AE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7419851C-4684-40F1-A113-7DA6A96F77E7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {87DFA6BD-6BEC-41D4-B0AD-0C4E5294FBC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {894F128D-AC04-4B04-A2D6-FBCBB4432BAF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D085AC34-8D14-47D3-89E8-3FC4A8E3BC22} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F0314982-2966-4464-8602-0475B431F8E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F79AFD8C-8EE3-4698-A55E-A2F811B32EBB} - \DTReg -> No File <==== ATTENTION

CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
