Publicité
Publicité
Format du document : text/plain
Prévisualisation
CreateRestorepoint:
CloseProcesses:
Task: {117B42E5-A75B-47FF-9201-399B7D4B2A10} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS\AutoKMS.exe
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
C:\Program Files (x86)\Microsoft Office\
HKU\S-1-5-21-508352234-1840242419-2900643071-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-508352234-1840242419-2900643071-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Yahoo! Toolbar Helper -> {02478D38-C3F9-4EFB-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll => Pas de fichier
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll Pas de fichier
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
CHR StartupUrls: Default -> "hxxp://www.google.fr/","hxxp://www.sweet-page.com/?type=hp&ts=1418992352&from=cor&uid=ST31000524AS_9VPDKKCGXXXX9VPDKKCG","hxxp://Vosteran.com/?f=7&a=vst_wnzp01_14_51_ch&cd=2XzuyEtN2Y1L1QzuzytD0EyC0B0AyBzztD0D0EzyyBtCyEtAtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDzyyD0CyE0C0EtCtGzy0BtDtAtGyE0EyCzytG0DyCtCyBtGyBtAzy0FzztDtD0FtDtCyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyByCyC0ByBtD0FtGtAtB0E0BtGyE0C0F0EtG0Azy0CtBtGyD0CtByE0EyD0CzztAyB0Czy2Q&cr=971494371&ir=","hxxp://vosteran.com/?f=7&a=vst_ggfc_15_04_ch&cd=2XzuyEtN2Y1L1QzuzytD0EyC0B0AyBzztD0D0EzyyBtCyEtAtN0D0Tzu0StCtCtCyDtN1L2XzutAtFyBtFtAtFtBtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0FtB0FtAyByDzytGzyyCzztAtG0EzytB0BtG0Czz0DtAtGtB0BzzyCzzyD0C0F0CtBtAyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyByCyC0ByBtD0FtGtAtB0E0BtGyE0C0F0EtG0Azy0CtBtGyD0CtByE0EyD0CzztAyB0Czy2Q&cr=2012115987&ir=","hxxp://istart.webssearches.com/?type=hppp&ts=1422287274&from=key7&uid=ST31000524AS_9VPDKKCGXXXX9VPDKKCG","hxxp://www.istartsurf.com/?type=hp&ts=1435985733&z=00888edc9e5a43945b6403cg3z5c7w6t4b7w4m1c1g&from=tugs&uid=HGSTXHTS541010A9E680_JA10001F1S9JEN1S9JENX","hxxp://www.mystartsearch.com/?type=hp&ts=1435993343&z=0b570a8ece53ca4c27b5275g9z8c5w7t4t1c6cez9e&from=tugs&uid=HGSTXHTS541010A9E680_JA10001F1S9JEN1S9JENX","hxxps://www.google.com/?trackid=sp-006"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
cmd: ipconfig /flushdns
cmd: dism /online /cleanup-image /checkhealth
cmd: netsh advfirewall reset
removeproxy:
emptytemp:
CloseProcesses:
Task: {117B42E5-A75B-47FF-9201-399B7D4B2A10} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS\AutoKMS.exe
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
C:\Program Files (x86)\Microsoft Office\
HKU\S-1-5-21-508352234-1840242419-2900643071-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-508352234-1840242419-2900643071-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Yahoo! Toolbar Helper -> {02478D38-C3F9-4EFB-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll => Pas de fichier
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll Pas de fichier
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
CHR StartupUrls: Default -> "hxxp://www.google.fr/","hxxp://www.sweet-page.com/?type=hp&ts=1418992352&from=cor&uid=ST31000524AS_9VPDKKCGXXXX9VPDKKCG","hxxp://Vosteran.com/?f=7&a=vst_wnzp01_14_51_ch&cd=2XzuyEtN2Y1L1QzuzytD0EyC0B0AyBzztD0D0EzyyBtCyEtAtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDzyyD0CyE0C0EtCtGzy0BtDtAtGyE0EyCzytG0DyCtCyBtGyBtAzy0FzztDtD0FtDtCyE0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyByCyC0ByBtD0FtGtAtB0E0BtGyE0C0F0EtG0Azy0CtBtGyD0CtByE0EyD0CzztAyB0Czy2Q&cr=971494371&ir=","hxxp://vosteran.com/?f=7&a=vst_ggfc_15_04_ch&cd=2XzuyEtN2Y1L1QzuzytD0EyC0B0AyBzztD0D0EzyyBtCyEtAtN0D0Tzu0StCtCtCyDtN1L2XzutAtFyBtFtAtFtBtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0FtB0FtAyByDzytGzyyCzztAtG0EzytB0BtG0Czz0DtAtGtB0BzzyCzzyD0C0F0CtBtAyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyByCyC0ByBtD0FtGtAtB0E0BtGyE0C0F0EtG0Azy0CtBtGyD0CtByE0EyD0CzztAyB0Czy2Q&cr=2012115987&ir=","hxxp://istart.webssearches.com/?type=hppp&ts=1422287274&from=key7&uid=ST31000524AS_9VPDKKCGXXXX9VPDKKCG","hxxp://www.istartsurf.com/?type=hp&ts=1435985733&z=00888edc9e5a43945b6403cg3z5c7w6t4b7w4m1c1g&from=tugs&uid=HGSTXHTS541010A9E680_JA10001F1S9JEN1S9JENX","hxxp://www.mystartsearch.com/?type=hp&ts=1435993343&z=0b570a8ece53ca4c27b5275g9z8c5w7t4t1c6cez9e&from=tugs&uid=HGSTXHTS541010A9E680_JA10001F1S9JEN1S9JENX","hxxps://www.google.com/?trackid=sp-006"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
cmd: ipconfig /flushdns
cmd: dism /online /cleanup-image /checkhealth
cmd: netsh advfirewall reset
removeproxy:
emptytemp: