cjoint


Document format: text/plain

Preview

start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:


HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: H - H:\Auto.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {0bb34987-652d-11e6-9e02-2089845edd63} - G:\Auto.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {0bb349a6-652d-11e6-9e02-2089845edd63} - G:\Auto.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {2590a1ba-08b1-11e3-a28c-806e6f6e6963} - F:\AutoRun\AutoRunX\AutoRunX.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {28b4bd27-6663-11e6-a764-2089845edd63} - H:\Auto.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {72797b80-6645-11e6-a764-2089845edd63} - G:\Auto.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {9db14fe4-3f31-11e6-970c-db690d3a23b9} - G:\Auto.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {a0b12884-4adb-11e6-bcf4-2089845edd63} - G:\Auto.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {a0de1263-89bc-11e3-88d7-f4b7e2a36de5} - H:\Startme.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {a594ba44-3e64-11e6-8de3-f1f80b61debc} - G:\Auto.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {ddbd31d0-96b9-11e5-9f92-d3000ebbb6b0} - G:\Startme.exe
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\MountPoints2: {e35d9031-3f40-11e6-970c-db690d3a23b9} - G:\Auto.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
HKU\S-1-5-21-1107116363-1141585853-316225623-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Maxiget Software Manager (HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\Maxiget Software Manager) (Version: 1.6.14 - ) <==== ATTENTION
Software Management Module (HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\Software Management Module) (Version: 0.1.17.0 - Maxiget Ltd.) <==== ATTENTION
Yahoo! Search (HKU\S-1-5-21-1107116363-1141585853-316225623-1000\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107116363-1141585853-316225623-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107116363-1141585853-316225623-1000 -> OldSearch URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1107116363-1141585853-316225623-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1107116363-1141585853-316225623-1000 -> {24A95BD9-ECCD-4A8D-95E9-7CCC92D6A847} URL = hxxp://q.search-simple.com/?affID=pr_d0e5a830-d82e-4aa3-ad83-46c42e29153e&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107116363-1141585853-316225623-1000 -> {B2EDD107-A2EA-4E64-9AD4-C41CE59BA20A} URL = hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}&r=949
SearchScopes: HKU\S-1-5-21-1107116363-1141585853-316225623-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1107116363-1141585853-316225623-1000 -> {F5D1979F-2AB2-4C28-B0EE-F36DF89007D6} URL = hxxps://www.google.com/search?q={searchTerms}
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FF ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\f5y3cs7g.default [2017-03-24]
FF NewTab: Mozilla\Firefox\Profiles\f5y3cs7g.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\f5y3cs7g.default -> Google (avast)
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\f5y3cs7g.default -> hxxps://www.google.com/search?trackid=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\f5y3cs7g.default -> Google (avast)
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\f5y3cs7g.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\f5y3cs7g.default -> Google (avast)
FF Homepage: Mozilla\Firefox\Profiles\f5y3cs7g.default -> hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\f5y3cs7g.default -> hxxps://www.google.com/search?trackid=sp-006
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
CHR HomePage: Default -> search-results.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxp://www.search-results.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search-results.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

Task: {ACDE7277-C3DA-467D-8332-4E97A389CF7B} - System32\Tasks\Yahoo! Search Updater => Wscript.exe //B "C:\Users\acer\AppData\Local\Pay-By-Ads\Yahoo! Search\1.4.2.5\..\updt.js" <==== ATTENTION


CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
