Posted on 14 February 2019

start::
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM] => Proxy est activé.
ProxyEnable: [HKLM-x32] => Proxy est activé.
ProxyServer: [HKLM] => http=127.0.0.1:6061;https=127.0.0.1:6061
ProxyServer: [HKLM-x32] => http=127.0.0.1:6061;https=127.0.0.1:6061
AutoConfigURL: [HKLM] => http=127.0.0.1:6061;https=127.0.0.1:6061
ManualProxies: 1http=127.0.0.1:6061;https=127.0.0.1:6061
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.palikan.com/?f=1&a=plk_coinisreb_17_43_ssg02&cd=2XzuyEtN2Y1L1Qzu0DtDyDyByB0B0AyCtCtCtC0AzyyEtCyBtN0D0Tzu0StBtCtBtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyC0CtDtAzzyE0A0DtGyDyE0E0FtG0AyEyB0CtGtDyEtD0CtGyBtD0DtAtByDtD0BzzyEtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtDyCtByB0DyD0AtGtByC0AyEtGyEyCzy0AtG0B0F0EtBtGtAzytAtDtDtAyBtCyB0D0FtB2QtN0A0LzuyE&cr=132281005&ir=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.palikan.com/?f=1&a=plk_coinisreb_17_43_ssg02&cd=2XzuyEtN2Y1L1Qzu0DtDyDyByB0B0AyCtCtCtC0AzyyEtCyBtN0D0Tzu0StBtCtBtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyC0CtDtAzzyE0A0DtGyDyE0E0FtG0AyEyB0CtGtDyEtD0CtGyBtD0DtAtByDtD0BzzyEtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtDyCtByB0DyD0AtGtByC0AyEtGyEyCzy0AtG0B0F0EtBtGtAzytAtDtDtAyBtCyB0D0FtB2QtN0A0LzuyE&cr=132281005&ir=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisreb_17_43_ssg02&cd=2XzuyEtN2Y1L1Qzu0DtDyDyByB0B0AyCtCtCtC0AzyyEtCyBtN0D0Tzu0StBtCtBtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyC0CtDtAzzyE0A0DtGyDyE0E0FtG0AyEyB0CtGtDyEtD0CtGyBtD0DtAtByDtD0BzzyEtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtDyCtByB0DyD0AtGtByC0AyEtGyEyCzy0AtG0B0F0EtBtGtAzytAtDtDtAyBtCyB0D0FtB2QtN0A0LzuyE&cr=132281005&ir=&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisreb_17_43_ssg02&cd=2XzuyEtN2Y1L1Qzu0DtDyDyByB0B0AyCtCtCtC0AzyyEtCyBtN0D0Tzu0StBtCtBtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyC0CtDtAzzyE0A0DtGyDyE0E0FtG0AyEyB0CtGtDyEtD0CtGyBtD0DtAtByDtD0BzzyEtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtDyCtByB0DyD0AtGtByC0AyEtGyEyCzy0AtG0B0F0EtBtGtAzytAtDtDtAyBtCyB0D0FtB2QtN0A0LzuyE&cr=132281005&ir=&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisreb_17_43_ssg02&cd=2XzuyEtN2Y1L1Qzu0DtDyDyByB0B0AyCtCtCtC0AzyyEtCyBtN0D0Tzu0StBtCtBtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyC0CtDtAzzyE0A0DtGyDyE0E0FtG0AyEyB0CtGtDyEtD0CtGyBtD0DtAtByDtD0BzzyEtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtDyCtByB0DyD0AtGtByC0AyEtGyEyCzy0AtG0B0F0EtBtGtAzytAtDtDtAyBtCyB0D0FtB2QtN0A0LzuyE&cr=132281005&ir=&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisreb_17_43_ssg02&cd=2XzuyEtN2Y1L1Qzu0DtDyDyByB0B0AyCtCtCtC0AzyyEtCyBtN0D0Tzu0StBtCtBtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyC0CtDtAzzyE0A0DtGyDyE0E0FtG0AyEyB0CtGtDyEtD0CtGyBtD0DtAtByDtD0BzzyEtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtDyCtByB0DyD0AtGtByC0AyEtGyEyCzy0AtG0B0F0EtBtGtAzytAtDtDtAyBtCyB0D0FtB2QtN0A0LzuyE&cr=132281005&ir=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1796576296-477058736-2758871048-1002 -> {5e7797ae-5ca1-4b50-95d8-97e746340487} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisreb_17_43_ssg02&cd=2XzuyEtN2Y1L1Qzu0DtDyDyByB0B0AyCtCtCtC0AzyyEtCyBtN0D0Tzu0StBtCtBtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyC0CtDtAzzyE0A0DtGyDyE0E0FtG0AyEyB0CtGtDyEtD0CtGyBtD0DtAtByDtD0BzzyEtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtDyCtByB0DyD0AtGtByC0AyEtGyEyCzy0AtG0B0F0EtBtGtAzytAtDtDtAyBtCyB0D0FtB2QtN0A0LzuyE&cr=132281005&ir=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1796576296-477058736-2758871048-1002 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BA6C134DD-27C7-43C6-8D0B-E738D2720C9B%7D&gp=811610
BHO-x32: Search@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\mikecoco\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll [2019-02-12] (LLC Mail.Ru -> Mail.Ru)
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=811610"
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7BC407AF56-2E94-49E6-AD37-90C562987EE7%7D&gp=811610
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx
R1 MDZjM; \??\C:\WINDOWS\system32\drivers\MDZjM [X]
2019-02-12 06:00 - 2019-02-12 06:03 - 000000000 ___DC C:\Users\mikecoco\AppData\Roaming\infoSiw
2019-02-12 06:00 - 2019-02-12 06:02 - 000000000 ___DC C:\Users\mikecoco\AppData\Roaming\ShopMore
2019-02-12 06:00 - 2019-02-12 06:02 - 000000000 ___DC C:\Users\mikecoco\AppData\Local\Mail.Ru
2019-02-12 06:00 - 2019-02-12 06:00 - 000001334 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G&#1086;ogle &#1057;hrom&#1077;.lnk
2019-02-12 06:00 - 2019-02-12 06:00 - 000000000 ___DC C:\Users\mikecoco\AppData\Roaming\SPI
2019-02-12 06:00 - 2019-02-12 06:00 - 000000000 ___DC C:\Users\mikecoco\AppData\Roaming\Browsers
2019-02-12 06:00 - 2019-02-12 06:00 - 000000000 ___DC C:\ProgramData\Mail.Ru
2019-02-11 09:49 - 2019-02-11 09:49 - 000151344 _____ C:\WINDOWS\system32\Drivers\MDZjM
2019-01-24 06:06 - 2017-02-26 12:46 - 000000000 ___DC C:\Users\mikecoco\AppData\Local\MSfree Inc
2019-02-12 06:00 - 2019-02-12 06:00 - 007970945 ____C () C:\Users\mikecoco\AppData\Local\Temp\s2s.exe
2019-02-12 06:00 - 2019-02-12 06:00 - 000586113 ____C (ZRFXRD ) C:\Users\mikecoco\AppData\Local\Temp\Setup.exe
2019-02-12 06:00 - 2019-02-12 06:00 - 009126360 ____C (Shop More ) C:\Users\mikecoco\AppData\Local\Temp\UpProSetup.exe
2019-02-02 22:14 - 2019-02-02 22:14 - 000000000 ____C () C:\Users\mikecoco\AppData\Local\Temp\_kcorpdt.dll
CustomCLSID: HKU\S-1-5-21-1796576296-477058736-2758871048-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-745CC8920C8C}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
Shortcut: C:\Users\mikecoco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int&#1077;rn&#1077;t Ex&#1088;lor&#1077;r.lnk -> C:\Users\mikecoco\AppData\Roaming\Browsers\exe.erolpxei.bat (Pas de fichier) <==== Cyrillic
Shortcut: C:\Users\mikecoco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G&#1086;ogle &#1057;hrom&#1077;.lnk -> C:\Users\mikecoco\AppData\Roaming\Browsers\exe.emorhc.bat (Pas de fichier) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G&#1086;ogle &#1057;hrom&#1077;.lnk -> C:\Users\mikecoco\AppData\Roaming\Browsers\exe.emorhc.bat (Pas de fichier) <==== Cyrillic
ShortcutWithArgument: C:\Users\mikecoco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
C:\Users\mikecoco\AppData\Local\Temp\Setup.exe
C:\WINDOWS\SECOH-QAD.dll
C:\Program Files\KMSpico
RemoveProxy:
EmptyTemp:
end::