Publicité
Publicité
Format du document : text/plain
Prévisualisation
start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [BingSvc] => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-02-08] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-18\...\Run: [Dashlane] => "C:\Users\pc\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-08-03]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\pc\AppData\Local\Facebook\Games\FacebookGameroom.exe (Pas de fichier)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131071654300771484&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\pc\AppData\Roaming\Dashlane\ie\Dashlanei.dll => Pas de fichier
BHO: Pas de nom -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll => Pas de fichier
BHO: Pas de nom -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> Pas de fichier
BHO: Pas de nom -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> Pas de fichier
BHO: Pas de nom -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Pas de fichier
BHO: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\PROGRA~1\IObit\ADVANC~1\SURFIN~1\BROWER~1\ASCPLU~1.DLL => Pas de fichier
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll => Pas de fichier
BHO: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll => Pas de fichier
Toolbar: HKLM - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\pc\AppData\Roaming\Dashlane\ie\KWIEBar.dll Pas de fichier
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll Pas de fichier
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL Pas de fichier
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [Pas de fichier]
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [Pas de fichier]
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Pas de fichier]
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
"botxmjxa" => service a été déverrouillé. <==== ATTENTION
S2 botxmjxa; C:\Windows\system32\botxmjxa\tlodfdvh.exe [0 ] () <==== ATTENTION (zéro octet Fichier/Dossier)
S3 BstHdLogRotatorSvc; "C:\Program Files\BlueStacks\HD-LogRotatorService.exe" [X]
S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [X]
S3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]
S3 odserv; "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [X]
S3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S2 PlaysService; "C:\Program Files\Raptr Inc\PlaysTV\plays_service.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
S3 Steam Client Service; "C:\Program Files\Common Files\Steam\SteamService.exe" /RunAsService [X]
S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [0 2017-09-06] () <==== ATTENTION (zéro octet Fichier/Dossier)
SearchmeToolbar (HKLM\...\{34B8FD13-83CB-44E0-86AD-EE4F67B6F661}) (Version: 1.00.0000 - Spigot, Inc.) <==== ATTENTION
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Classes\.bat: batfile => <==== ATTENTION
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Classes\.com: ComFile => <==== ATTENTION
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Classes\.cmd: cmdfile => <==== ATTENTION
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Classes\.reg: => <==== ATTENTION
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Run: [BingSvc] => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-02-08] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-18\...\Run: [Dashlane] => "C:\Users\pc\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-08-03]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\pc\AppData\Local\Facebook\Games\FacebookGameroom.exe (Pas de fichier)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131071654300771484&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\pc\AppData\Roaming\Dashlane\ie\Dashlanei.dll => Pas de fichier
BHO: Pas de nom -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll => Pas de fichier
BHO: Pas de nom -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> Pas de fichier
BHO: Pas de nom -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> Pas de fichier
BHO: Pas de nom -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Pas de fichier
BHO: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\PROGRA~1\IObit\ADVANC~1\SURFIN~1\BROWER~1\ASCPLU~1.DLL => Pas de fichier
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll => Pas de fichier
BHO: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll => Pas de fichier
Toolbar: HKLM - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\pc\AppData\Roaming\Dashlane\ie\KWIEBar.dll Pas de fichier
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll Pas de fichier
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL Pas de fichier
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
FF HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF HKU\S-1-5-21-478400719-566235881-3305381028-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [Pas de fichier]
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [Pas de fichier]
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-478400719-566235881-3305381028-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Pas de fichier]
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
"botxmjxa" => service a été déverrouillé. <==== ATTENTION
S2 botxmjxa; C:\Windows\system32\botxmjxa\tlodfdvh.exe [0 ] () <==== ATTENTION (zéro octet Fichier/Dossier)
S3 BstHdLogRotatorSvc; "C:\Program Files\BlueStacks\HD-LogRotatorService.exe" [X]
S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [X]
S3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]
S3 odserv; "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [X]
S3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S2 PlaysService; "C:\Program Files\Raptr Inc\PlaysTV\plays_service.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 SkypeUpdate; "C:\Program Files\Skype\Updater\Updater.exe" [X]
S3 Steam Client Service; "C:\Program Files\Common Files\Steam\SteamService.exe" /RunAsService [X]
S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [0 2017-09-06] () <==== ATTENTION (zéro octet Fichier/Dossier)
SearchmeToolbar (HKLM\...\{34B8FD13-83CB-44E0-86AD-EE4F67B6F661}) (Version: 1.00.0000 - Spigot, Inc.) <==== ATTENTION
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Classes\.bat: batfile => <==== ATTENTION
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Classes\.com: ComFile => <==== ATTENTION
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Classes\.cmd: cmdfile => <==== ATTENTION
HKU\S-1-5-21-478400719-566235881-3305381028-1000\Software\Classes\.reg: => <==== ATTENTION
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end