Posted on October 19, 2018

start::
closeprocesses:
createrestorepoint:
CustomCLSID: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Akryls\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
Task: {25DC9AF1-E1DA-4D9B-B33F-0744F9D30676} - System32\Tasks\{CDB91E46-50E1-449B-9227-B49C018B9AB7} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\You-Boost\uninstyb.exe"
2018-10-14 11:39 - 2016-03-06 15:50 - 000003088 _____ C:\WINDOWS\System32\Tasks\{CDB91E46-50E1-449B-9227-B49C018B9AB7}
C:\Program Files (x86)\You-Boost
virustotal: C:\Users\Akryls\Desktop\Setup.exe
Task: {34421287-46E6-4600-8DB2-2DBD17D18E19} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe
Task: {A7B5B57F-9296-4E87-BD49-A3446D22D896} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe
AlternateDataStreams: C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Akryls\AppData\Local\Temp:$DATA​ [16]
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001\...\ma-config.com -> hxxp://ma-config.com
IE trusted site: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001\...\ma-config.com -> hxxps://ma-config.com
IE trusted site: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001\...\touslesdrivers.com -> hxxp://touslesdrivers.com
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ManualProxies:
SearchScopes: HKLM -> DefaultScope la valeur est absente
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {A06675BF-CF10-4C4C-BEED-A1DD157EE9EB} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKLM-x32 -> {A06675BF-CF10-4C4C-BEED-A1DD157EE9EB} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1134194100-2534358609-3575208447-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
FF user.js: detected! => C:\Users\Akryls\AppData\Roaming\Mozilla\Firefox\Profiles\wc2b48br.default\user.js [2016-03-06]
FF Plugin HKU\S-1-5-21-1134194100-2534358609-3575208447-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Pas de fichier]
CHR HomePage: Profile 1 -> hxxps://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch
CHR StartupUrls: Profile 1 -> "hxxps://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch"
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 cpuz138; \??\C:\Users\Akryls\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S2 sbmntr; \??\C:\PROGRA~2\YTDOWN~1\sbmntr.sys [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
S3 xspirit; \??\C:\WINDOWS\xspirit.sys [X]
2018-10-19 12:43 - 2018-10-19 12:43 - 000000000 _____ C:\WINDOWS\SysWOW64\RENF7A1.tmp
2018-10-14 11:39 - 2015-09-09 20:53 - 000003088 _____ C:\WINDOWS\System32\Tasks\Norton Product InstallerIdle
deletekey: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611471155}
deletekey: HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}
C:\Program Files (x86)\a8e942b8-2a1f-4e8d-b4de-2b0ea40b97e7
C:\Program Files (x86)\eSupport.com
C:\Users\Akryls\AppData\Roaming\Store
C:\Users\Akryls\AppData\Local\eSupport.com
deletekey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
deletekey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
deletekey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
emptytemp:
end::


