Publicité
Publicité
Format du document : text/plain
Prévisualisation
start
CloseProcesses:
Hosts:
CreateRestorePoint:
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
Tcpip\..\Interfaces\{D93495C8-C7E6-43CE-A9FC-0AB1F3502FEF}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{D93495C8-C7E6-43CE-A9FC-0AB1F3502FEF}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{FA46333D-E3C1-4368-9170-08B64B5DEDFE}: [NameServer] 82.163.143.157 82.163.142.159
SearchScopes: HKU\S-1-5-21-3886903500-381135128-1545093519-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqJvjaGwRUnfYzYVPx3lc5nSGoZqrPhqYGcnkfmCfP9EJkhTGloSYlENuKYXE6crbDCKBs1z8R4_-PReFegwB6Wz7O0Esqu19pdKEzYMv1OCT3fit6x7aQo7YL1zFEVScRICMPtc9DD2MTLxbnuOotSuvG42izAAFWyR4DifQ&q={searchTerms}
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Pas de fichier
CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__
CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mjcnhgdodmhnpmndnljbmafpgomahfal] -
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
S2 QQPCRTP; "D:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCRtp.exe" -r [X]
S2 QQRepairdf; "C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairdf" [X]
S2 Recover; C:\Program Files\Fichiers communs\MYJIHNTR9VE15\iqMkhgrDA9.exe [X]
S3 mdareDriver_62; \??\C:\Users\Maxime\AppData\Local\Temp\FCPreScan\mdare64_62.sys [X] <==== ATTENTION
S1 QMUdisk; \??\D:\Program Files (x86)\Tencent\QQPCMgr\12.3.18489.224\QMUdisk64.sys [X]
S1 softaal; \??\D:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\softaal64.sys [X]
S1 TsDefenseBt; \??\D:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\D:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\TsNetHlpX64.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
2017-04-17 22:06 - 2017-04-17 22:06 - 00036344 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2017-04-16 17:31 - 2017-04-17 22:05 - 00000000 ____D C:\ProgramData\TXQMPC
2017-04-16 17:31 - 2017-04-17 21:56 - 00000000 ____D C:\ProgramData\Microleaves
2017-04-16 17:31 - 2017-04-16 17:31 - 00000000 ____D C:\Program Files\Common Files\Tencent
2017-04-16 17:28 - 2017-04-16 17:28 - 00000000 ____D C:\Program Files (x86)\Microleaves
2017-04-16 17:27 - 2017-04-20 09:18 - 00000000 ____D C:\Users\Maxime\AppData\Roaming\Microleaves
2017-04-16 17:18 - 2017-04-16 17:18 - 00000000 ____D C:\Users\Maxime\AppData\Local\Chromium
2017-04-16 17:10 - 2017-04-17 21:55 - 00000000 ____D C:\Program Files\CE6RP17YF5
2017-04-16 16:51 - 2017-04-17 21:55 - 00000000 ____D C:\Program Files\NLG2VG61CY
2017-04-16 16:51 - 2017-04-17 21:55 - 00000000 ____D C:\Program Files\7J498T9KSU
2017-03-26 22:24 - 2017-03-28 16:30 - 00003176 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-17 22:25 - 2017-04-17 22:27 - 53908408 _____ (Tencent) C:\Users\Maxime\AppData\Local\Temp\PCMgr_Setup_12_3_18489_224.exe
Task: {0689E14E-98E9-4397-9DC1-54C74B5E1483} - System32\Tasks\{014AD736-FF9C-5E66-39BC-63967D7AE44C} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\89f85d59\d695b9fb.dll" <==== ATTENTION
Task: {F986F589-4F62-4FAA-984A-7EA9555CB3CD} - System32\Tasks\{1F01B9AE-A8AA-0E05-D3F4-D76877844203} => C:\ProgramData\{21F4A229-965F-1582-6232-ABC382B0ABFF}\569A8377-E131-34DC-521F-DBB70AC4AB9D.exe <==== ATTENTION
EmptyTemp:
end
CloseProcesses:
Hosts:
CreateRestorePoint:
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
Tcpip\..\Interfaces\{D93495C8-C7E6-43CE-A9FC-0AB1F3502FEF}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{D93495C8-C7E6-43CE-A9FC-0AB1F3502FEF}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{FA46333D-E3C1-4368-9170-08B64B5DEDFE}: [NameServer] 82.163.143.157 82.163.142.159
SearchScopes: HKU\S-1-5-21-3886903500-381135128-1545093519-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqJvjaGwRUnfYzYVPx3lc5nSGoZqrPhqYGcnkfmCfP9EJkhTGloSYlENuKYXE6crbDCKBs1z8R4_-PReFegwB6Wz7O0Esqu19pdKEzYMv1OCT3fit6x7aQo7YL1zFEVScRICMPtc9DD2MTLxbnuOotSuvG42izAAFWyR4DifQ&q={searchTerms}
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Pas de fichier
CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__
CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mjcnhgdodmhnpmndnljbmafpgomahfal] -
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx
S2 QQPCRTP; "D:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\QQPCRtp.exe" -r [X]
S2 QQRepairdf; "C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairdf" [X]
S2 Recover; C:\Program Files\Fichiers communs\MYJIHNTR9VE15\iqMkhgrDA9.exe [X]
S3 mdareDriver_62; \??\C:\Users\Maxime\AppData\Local\Temp\FCPreScan\mdare64_62.sys [X] <==== ATTENTION
S1 QMUdisk; \??\D:\Program Files (x86)\Tencent\QQPCMgr\12.3.18489.224\QMUdisk64.sys [X]
S1 softaal; \??\D:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\softaal64.sys [X]
S1 TsDefenseBt; \??\D:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\TsDefenseBT64.sys [X]
S2 tsnethlpx64; \??\D:\Program Files (x86)\Tencent\QQPCMgr\11.8.17919.214\TsNetHlpX64.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
2017-04-17 22:06 - 2017-04-17 22:06 - 00036344 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2017-04-16 17:31 - 2017-04-17 22:05 - 00000000 ____D C:\ProgramData\TXQMPC
2017-04-16 17:31 - 2017-04-17 21:56 - 00000000 ____D C:\ProgramData\Microleaves
2017-04-16 17:31 - 2017-04-16 17:31 - 00000000 ____D C:\Program Files\Common Files\Tencent
2017-04-16 17:28 - 2017-04-16 17:28 - 00000000 ____D C:\Program Files (x86)\Microleaves
2017-04-16 17:27 - 2017-04-20 09:18 - 00000000 ____D C:\Users\Maxime\AppData\Roaming\Microleaves
2017-04-16 17:18 - 2017-04-16 17:18 - 00000000 ____D C:\Users\Maxime\AppData\Local\Chromium
2017-04-16 17:10 - 2017-04-17 21:55 - 00000000 ____D C:\Program Files\CE6RP17YF5
2017-04-16 16:51 - 2017-04-17 21:55 - 00000000 ____D C:\Program Files\NLG2VG61CY
2017-04-16 16:51 - 2017-04-17 21:55 - 00000000 ____D C:\Program Files\7J498T9KSU
2017-03-26 22:24 - 2017-03-28 16:30 - 00003176 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-17 22:25 - 2017-04-17 22:27 - 53908408 _____ (Tencent) C:\Users\Maxime\AppData\Local\Temp\PCMgr_Setup_12_3_18489_224.exe
Task: {0689E14E-98E9-4397-9DC1-54C74B5E1483} - System32\Tasks\{014AD736-FF9C-5E66-39BC-63967D7AE44C} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\89f85d59\d695b9fb.dll" <==== ATTENTION
Task: {F986F589-4F62-4FAA-984A-7EA9555CB3CD} - System32\Tasks\{1F01B9AE-A8AA-0E05-D3F4-D76877844203} => C:\ProgramData\{21F4A229-965F-1582-6232-ABC382B0ABFF}\569A8377-E131-34DC-521F-DBB70AC4AB9D.exe <==== ATTENTION
EmptyTemp:
end