Publicité
Publicité
Format du document : text/plain
Prévisualisation
start::
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKU\S-1-5-21-1604964470-2776009629-1814258144-1002\...\MountPoints2: {8002ca8c-988d-11e6-aea4-0026222be3c8} - E:\AutoRun.exe
HKU\S-1-5-21-1604964470-2776009629-1814258144-1002\...\MountPoints2: {9371685b-c6c7-11e1-ae59-0026222be3c8} - F:\Setup.exe
HKU\S-1-5-21-1604964470-2776009629-1814258144-1002\...\MountPoints2: {c9a690a0-cc70-11e2-9585-0026222be3c8} - E:\LaunchU3.exe -a
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-1604964470-2776009629-1814258144-1002 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2017-11-06] ()
S3 PCAMp50a64; System32\Drivers\PCAMp50a64.sys
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys
2017-11-07 14:04 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2009-08-14 02:10 - 2008-04-29 14:04 - 000157442 _____ () C:\Program Files (x86)\Common Files\emachines.ico
2015-12-19 08:47 - 2015-12-19 08:47 - 000000000 ____H () C:\Users\Ahmed\AppData\Local\BIT9CCC.tmp
2015-12-19 08:47 - 2015-12-19 08:47 - 000000000 _____ () C:\Users\Ahmed\AppData\Local\{CDA43251-DEB4-49C0-BBB5-9DED4390318B}
2009-08-14 02:10 - 2009-07-18 02:57 - 000036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2017-11-06 20:15 - 2016-02-11 19:41 - 001314328 _____ (Microsoft Corporation) C:\Users\Administrateur\AppData\Local\Temp\dllnt_dump.dll
2017-11-06 18:27 - 2017-11-06 18:32 - 000000000 _____ () C:\Users\Ahmed\AppData\Local\Temp\{1B821955-B0C2-4D3C-B967-2BE577F9917A}-61.0.3163.100_chrome_installer.exe
Task: {2A6E4BCB-DD07-4A64-92FA-A87BFB8BBAB8} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {2A6E4BCB-DD07-4A64-92FA-A87BFB8BBAB8} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
Task: {2C093CC8-1D7E-426D-9B3E-7437304F40FF} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2C093CC8-1D7E-426D-9B3E-7437304F40FF} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
Task: {4073BAE8-C2FE-43BF-9686-34F46B212E25} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1604964470-2776009629-1814258144-1002
Task: {4360CFE7-381A-4913-81A9-638C75F1384E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4360CFE7-381A-4913-81A9-638C75F1384E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {4360CFE7-381A-4913-81A9-638C75F1384E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
Task: {45EED33F-3A9A-441D-95CC-2E9206ECBB9B} - System32\Tasks\{BCD735FC-D101-4333-818A-9045FB9E8E7F} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {A6BF7019-78BD-4E00-908D-0470CDE1C241} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-12] (Google Inc.)
Task: {C423F0AD-5F9A-4584-B156-98CE9A3691C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-12] (Google Inc.)
Task: {D6B70A59-0525-4AEA-872E-ACFCE3FD5A90} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {D6B70A59-0525-4AEA-872E-ACFCE3FD5A90} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0 [242]
AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29 [134]
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54 [131]
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2 [132]
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F [124]
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838 [116]
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA [140]
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE [143]
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D [133]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
EmptyTemp:
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
reboot:
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKU\S-1-5-21-1604964470-2776009629-1814258144-1002\...\MountPoints2: {8002ca8c-988d-11e6-aea4-0026222be3c8} - E:\AutoRun.exe
HKU\S-1-5-21-1604964470-2776009629-1814258144-1002\...\MountPoints2: {9371685b-c6c7-11e1-ae59-0026222be3c8} - F:\Setup.exe
HKU\S-1-5-21-1604964470-2776009629-1814258144-1002\...\MountPoints2: {c9a690a0-cc70-11e2-9585-0026222be3c8} - E:\LaunchU3.exe -a
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-1604964470-2776009629-1814258144-1002 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2017-11-06] ()
S3 PCAMp50a64; System32\Drivers\PCAMp50a64.sys
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys
2017-11-07 14:04 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2009-08-14 02:10 - 2008-04-29 14:04 - 000157442 _____ () C:\Program Files (x86)\Common Files\emachines.ico
2015-12-19 08:47 - 2015-12-19 08:47 - 000000000 ____H () C:\Users\Ahmed\AppData\Local\BIT9CCC.tmp
2015-12-19 08:47 - 2015-12-19 08:47 - 000000000 _____ () C:\Users\Ahmed\AppData\Local\{CDA43251-DEB4-49C0-BBB5-9DED4390318B}
2009-08-14 02:10 - 2009-07-18 02:57 - 000036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2017-11-06 20:15 - 2016-02-11 19:41 - 001314328 _____ (Microsoft Corporation) C:\Users\Administrateur\AppData\Local\Temp\dllnt_dump.dll
2017-11-06 18:27 - 2017-11-06 18:32 - 000000000 _____ () C:\Users\Ahmed\AppData\Local\Temp\{1B821955-B0C2-4D3C-B967-2BE577F9917A}-61.0.3163.100_chrome_installer.exe
Task: {2A6E4BCB-DD07-4A64-92FA-A87BFB8BBAB8} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {2A6E4BCB-DD07-4A64-92FA-A87BFB8BBAB8} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
Task: {2C093CC8-1D7E-426D-9B3E-7437304F40FF} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2C093CC8-1D7E-426D-9B3E-7437304F40FF} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
Task: {4073BAE8-C2FE-43BF-9686-34F46B212E25} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1604964470-2776009629-1814258144-1002
Task: {4360CFE7-381A-4913-81A9-638C75F1384E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4360CFE7-381A-4913-81A9-638C75F1384E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {4360CFE7-381A-4913-81A9-638C75F1384E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
Task: {45EED33F-3A9A-441D-95CC-2E9206ECBB9B} - System32\Tasks\{BCD735FC-D101-4333-818A-9045FB9E8E7F} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {A6BF7019-78BD-4E00-908D-0470CDE1C241} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-12] (Google Inc.)
Task: {C423F0AD-5F9A-4584-B156-98CE9A3691C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-12] (Google Inc.)
Task: {D6B70A59-0525-4AEA-872E-ACFCE3FD5A90} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {D6B70A59-0525-4AEA-872E-ACFCE3FD5A90} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation)
AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0 [242]
AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29 [134]
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54 [131]
AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2 [132]
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F [124]
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838 [116]
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA [140]
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE [143]
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D [133]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
EmptyTemp:
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
reboot: