Posté le 12 février 2018
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [486]
AlternateDataStreams: C:\ProgramData\Temp:972E3A44 [117]
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2879357113-1210766409-2314680763-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2879357113-1210766409-2314680763-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02112018191531312\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2879357113-1210766409-2314680763-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02112018191625534\...\localhost -> localhost
HKLM\...\.scr: EAGLESCR => "%1" /S <==== ATTENTION
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{634b80e4-b521-41ed-a95b-3cba7284ad57}: [DhcpNameServer] 40.53.1.16
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2879357113-1210766409-2314680763-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-2879357113-1210766409-2314680763-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02112018191531312\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879357113-1210766409-2314680763-1001 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879357113-1210766409-2314680763-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02112018191531312 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2879357113-1210766409-2314680763-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02112018191625534 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\n7z79sxz.default -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\n7z79sxz.default -> backup.ftp", "nepsrv.shelfoffice.local"
FF Extension: (PiP Video) - C:\Users\pierr\AppData\Roaming\Mozilla\Firefox\Profiles\n7z79sxz.default\Extensions\@pip-vid.xpi [2017-10-17] [Legacy]
FF Extension: (ChatZilla) - C:\Users\pierr\AppData\Roaming\Mozilla\Firefox\Profiles\n7z79sxz.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-01-23] [Legacy]
FF Extension: (Pas de nom) - C:\Users\pierr\AppData\Roaming\Mozilla\Firefox\Profiles\n7z79sxz.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2017-05-26]
CHR Profile: C:\Users\pierr\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-09-23] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Avast Online Security) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-26]
CHR Extension: (Avast SafePrice) - C:\Users\pierr\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-05-14]
2018-02-11 19:27 - 2018-02-11 19:27 - 000131072 ___HT C:\Users\pierr\Documents\~archive.pst.tmp
2018-01-23 13:58 - 2018-01-23 13:58 - 000000000 _____ C:\Users\pierr\AppData\Local\{34138BE6-8D8B-4C29-A171-84238F6F67C5}
2018-01-23 13:58 - 2018-01-23 13:58 - 000000000 _____ C:\Users\pierr\AppData\Local\{2F6CD8E7-B74D-4195-9A20-E126E37A4890}
2018-02-11 19:15 - 2017-04-23 11:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-11 19:13 - 2016-01-28 20:13 - 000000711 _____ C:\Users\pierr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-07-19 09:44 - 2016-07-19 09:47 - 301132301 _____ () C:\Users\pierr\AppData\Local\ACCCx3_7_0_272.zip.aamdownload
2016-07-19 09:44 - 2016-07-19 09:47 - 000003371 _____ () C:\Users\pierr\AppData\Local\ACCCx3_7_0_272.zip.aamdownload.aamd
2016-11-28 15:52 - 2016-11-29 09:49 - 308516124 _____ () C:\Users\pierr\AppData\Local\ACCCx3_9_1_335.zip.aamdownload
2016-11-28 15:52 - 2016-11-28 15:53 - 000003455 _____ () C:\Users\pierr\AppData\Local\ACCCx3_9_1_335.zip.aamdownload.aamd
2016-01-04 11:36 - 2017-11-05 12:16 - 000013312 _____ () C:\Users\pierr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 13:02 - 2016-06-23 13:02 - 000007605 _____ () C:\Users\pierr\AppData\Local\Resmon.ResmonCfg
2016-05-05 10:00 - 2016-09-05 08:22 - 000028672 _____ () C:\Users\pierr\AppData\Local\SqlCe35AddinStore.sdf
2016-04-15 07:55 - 2016-04-15 07:55 - 000000000 _____ () C:\Users\pierr\AppData\Local\{2A76D838-4562-4E7E-B021-BAFAABAC0586}
2018-01-23 13:58 - 2018-01-23 13:58 - 000000000 _____ () C:\Users\pierr\AppData\Local\{2F6CD8E7-B74D-4195-9A20-E126E37A4890}
2018-01-23 13:58 - 2018-01-23 13:58 - 000000000 _____ () C:\Users\pierr\AppData\Local\{34138BE6-8D8B-4C29-A171-84238F6F67C5}
2016-09-10 16:19 - 2016-09-10 16:19 - 000000000 _____ () C:\Users\pierr\AppData\Local\{755B4580-134C-45F4-8958-D5CDC02B7236}
2016-04-24 02:32 - 2016-04-25 06:41 - 000000000 _____ () C:\Users\pierr\AppData\Local\{A9110DFF-073F-4357-B391-84EE4268BDE3}
2016-04-19 03:27 - 2016-04-19 03:27 - 000000000 _____ () C:\Users\pierr\AppData\Local\{B7C0BB20-D975-42C7-BC19-E1975069B67A}
2016-06-21 03:52 - 2016-06-21 03:52 - 000000000 _____ () C:\Users\pierr\AppData\Local\{E74F594F-10FA-4D31-ABF0-7B6E2A6103CC}

cmd: ipconfig /flushdns
end::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.