start::
CreateRestorePoint:
CloseProcesses:
Hosts:
C:\Program Files\AVG
Task: {064839A4-E4E2-4EE0-BD22-4B24D26FE439} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [2018-01-31] (AVG Technologies CZ, s.r.o.)
2018-03-04 10:52 - 2018-01-31 10:59 - 000281840 _____ () C:\Program Files\AVG\Secure VPN\tasks_core.dll
FirewallRules: [TCP Query User{E0263AC1-F5B9-48CC-A25A-1605FA388FB9}C:\users\lionez\téléchargements\au cas eu\sprite\lf2_v2.0\lf2.exe] => (Allow) C:\users\lionez\téléchargements\au cas eu\sprite\lf2_v2.0\lf2.exe
FirewallRules: [UDP Query User{A2E43A8D-752C-4B4E-91BF-BAC2107B4E4D}C:\users\lionez\téléchargements\au cas eu\sprite\lf2_v2.0\lf2.exe] => (Allow) C:\users\lionez\téléchargements\au cas eu\sprite\lf2_v2.0\lf2.exe
StandardProfile\AuthorizedApplications: [C:\Users\Diaby\AppData\Roaming\DDos.exe] => Enabled:Windows Messanger
HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2018-03-04]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies CZ, s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{853752D9-BB44-4022-863A-F853E080C9A6}: [NameServer] 77.234.40.79
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Pas de nom -> {C0E8AE32-0758-4C8D-AB71-23B361FE8964} -> Pas de fichier
Handler: livecall - Pas de valeur CLSID - 
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF HKLM\...\Firefox\Extensions: [@sandblast] -  => non trouvé(e)
FF HKU\S-1-5-21-377985148-792701347-3327087119-1001\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox => non trouvé(e)
FF HKU\S-1-5-21-377985148-792701347-3327087119-1014\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi => non trouvé(e)
FF HKU\S-1-5-21-377985148-792701347-3327087119-1014\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin HKU\S-1-5-21-377985148-792701347-3327087119-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Diaby\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Pas de fichier]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
U3 iswSvc; pas de ImagePath
S1 MpKsl7bdce773; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E20A7C92-C719-4CB6-A58B-2AE611907F9C}\MpKsl7bdce773.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
2018-03-04 10:53 - 2018-03-04 10:53 - 000001040 _____ C:\Users\Public\Desktop\AVG Secure VPN.lnk
2018-03-04 10:52 - 2018-03-11 07:31 - 000000000 ____D C:\ProgramData\AVG
2018-03-04 10:52 - 2018-03-11 07:31 - 000000000 ____D C:\Program Files\AVG
2018-03-02 20:28 - 2018-03-02 21:06 - 000000000 ____D C:\Users\Lionez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2018-03-02 20:28 - 2018-03-02 20:28 - 000000000 ____D C:\Users\Public\Downloads\Norton
2018-03-02 18:27 - 2018-03-02 18:27 - 000196837 _____ C:\ProgramData\cl.uninstall.1520011233.bdinstall.bin
2018-03-01 12:37 - 2018-03-01 12:37 - 000039894 _____ C:\ProgramData\vpn.uninstall.1519904113.bdinstall.bin
2018-03-01 08:44 - 2018-03-01 08:44 - 000065649 _____ C:\ProgramData\vpn.1519889866.bdinstall.bin
2018-03-01 08:33 - 2018-03-01 08:33 - 000395730 _____ C:\ProgramData\cl.1519888835.bdinstall.bin
2018-03-01 08:33 - 2018-03-01 08:33 - 000076845 _____ C:\ProgramData\cl.kit.1519888726.bdinstall.bin
2018-03-01 08:10 - 2018-03-01 08:10 - 000047870 _____ C:\ProgramData\agent.1519888239.bdinstall.bin
2018-02-28 21:53 - 2018-02-28 21:55 - 000000000 ____D C:\0234f774e741782b21d6b1
2018-02-28 20:06 - 2018-02-28 20:06 - 011145120 _____ C:\Users\Diaby\Downloads\bitdefender_antivirus.exe
2018-02-28 19:44 - 2018-02-28 19:44 - 000000000 ____D C:\Users\Lionez\AppData\Roaming\Bitdefender
2018-02-23 19:01 - 2018-02-23 19:10 - 000000000 ____D C:\Users\Diaby\AppData\Local\NordVPN
2018-02-11 19:59 - 2018-02-11 19:59 - 000000000 ____D C:\Users\Lionez\youwave
2018-02-11 19:59 - 2018-02-11 19:59 - 000000000 ____D C:\Users\Lionez\Documents\webkit
2018-02-11 19:58 - 2018-02-11 19:58 - 000000000 ____D C:\Users\Administrateur.Diaby-PC.000\youwave
2018-03-01 08:43 - 2018-03-01 08:43 - 000290304 _____ (Microsoft Corporation) C:\Users\Administrateur.Diaby-PC.000\AppData\Local\temp\CakeTubeSdk.Windows.Service.subinacl.exe
2018-02-24 21:08 - 2018-02-24 22:10 - 000000000 _____ () C:\Users\Diaby\AppData\Local\temp\19480092594194a127310869d618ccd6.dll
2018-03-04 08:58 - 2018-03-04 08:58 - 007850088 _____ (Microsoft Corporation) C:\Users\Diaby\AppData\Local\temp\BingBarSetup-Partner.exe
RemoveProxy:
EmptyTemp:
cmd: ipconfig /flushdns
end::