Posted on 15 February 2019

Start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
HKU\S-1-5-21-3598327361-1197732640-4219432563-1001\...\Run: [Chromium] => c:\users\couler\appdata\local\chromium\application\chrome.exe [828416 2017-01-23] (The Chromium Authors)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_j_19_03_jny_soverj_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyE0DyDyEtAzzzz0CyEyDtAtAyD0EtN0D0Tzu0StByDyBtDtN1L2XzuyEtFtAtAtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtBtB1TtD1QtC1OtGyEyB1SyDtGyE1QyEzytG1TyE1R1PtG1TyEtDyD1TtDtD1PyByDzz1O2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzytDyDzy1T1StAtG1Rzz1TtCtGyEyCtCyEtG1TyEyBtCtGzy1SzytAtC1TzztDtDtCtBzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyEyByEtByEtDtDtD%26cr%3D36067607%26a%3Dhdr_j_19_03_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_j_19_03_jny_soverj_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyE0DyDyEtAzzzz0CyEyDtAtAyD0EtN0D0Tzu0StByDyBtDtN1L2XzuyEtFtAtAtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtBtB1TtD1QtC1OtGyEyB1SyDtGyE1QyEzytG1TyE1R1PtG1TyEtDyD1TtDtD1PyByDzz1O2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzytDyDzy1T1StAtG1Rzz1TtCtGyEyCtCyEtG1TyEyBtCtGzy1SzytAtC1TzztDtDtCtBzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyEyByEtByEtDtDtD%26cr%3D36067607%26a%3Dhdr_j_19_03_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-3598327361-1197732640-4219432563-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_j_19_03_jny_soverj_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyE0DyDyEtAzzzz0CyEyDtAtAyD0EtN0D0Tzu0StByDyBtDtN1L2XzuyEtFtAtAtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtBtB1TtD1QtC1OtGyEyB1SyDtGyE1QyEzytG1TyE1R1PtG1TyEtDyD1TtDtD1PyByDzz1O2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzytDyDzy1T1StAtG1Rzz1TtCtGyEyCtCyEtG1TyEyBtCtGzy1SzytAtC1TzztDtDtCtBzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyEyByEtByEtDtDtD%26cr%3D36067607%26a%3Dhdr_j_19_03_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_j_19_03_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyE0DyDyEtAzzzz0CyEyDtAtAyD0EtN0D0Tzu0StByDyBtDtN1L2XzuyEtFtAtAtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtBtB1TtD1QtC1OtGyEyB1SyDtGyE1QyEzytG1TyE1R1PtG1TyEtDyD1TtDtD1PyByDzz1O2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzytDyDzy1T1StAtG1Rzz1TtCtGyEyCtCyEtG1TyEyBtCtGzy1SzytAtC1TzztDtDtCtBzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyEyByEtByEtDtDtD%26cr%3D36067607%26a%3Dhdr_j_19_03_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_j_19_03_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyE0DyDyEtAzzzz0CyEyDtAtAyD0EtN0D0Tzu0StByDyBtDtN1L2XzuyEtFtAtAtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtBtB1TtD1QtC1OtGyEyB1SyDtGyE1QyEzytG1TyE1R1PtG1TyEtDyD1TtDtD1PyByDzz1O2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzytDyDzy1T1StAtG1Rzz1TtCtGyEyCtCyEtG1TyEyBtCtGzy1SzytAtC1TzztDtDtCtBzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyEyByEtByEtDtDtD%26cr%3D36067607%26a%3Dhdr_j_19_03_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_j_19_03_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyE0DyDyEtAzzzz0CyEyDtAtAyD0EtN0D0Tzu0StByDyBtDtN1L2XzuyEtFtAtAtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtBtB1TtD1QtC1OtGyEyB1SyDtGyE1QyEzytG1TyE1R1PtG1TyEtDyD1TtDtD1PyByDzz1O2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzytDyDzy1T1StAtG1Rzz1TtCtGyEyCtCyEtG1TyEyBtCtGzy1SzytAtC1TzztDtDtCtBzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyEyByEtByEtDtDtD%26cr%3D36067607%26a%3Dhdr_j_19_03_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_j_19_03_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyE0DyDyEtAzzzz0CyEyDtAtAyD0EtN0D0Tzu0StByDyBtDtN1L2XzuyEtFtAtAtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtBtB1TtD1QtC1OtGyEyB1SyDtGyE1QyEzytG1TyE1R1PtG1TyEtDyD1TtDtD1PyByDzz1O2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzytDyDzy1T1StAtG1Rzz1TtCtGyEyCtCyEtG1TyEyBtCtGzy1SzytAtC1TzztDtDtCtBzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyEyByEtByEtDtDtD%26cr%3D36067607%26a%3Dhdr_j_19_03_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3598327361-1197732640-4219432563-1001 -> DefaultScope {651E80A6-E89C-4FE5-BDA3-79A7377362CE} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_j_19_03_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyE0DyDyEtAzzzz0CyEyDtAtAyD0EtN0D0Tzu0StByDyBtDtN1L2XzuyEtFtAtAtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtBtB1TtD1QtC1OtGyEyB1SyDtGyE1QyEzytG1TyE1R1PtG1TyEtDyD1TtDtD1PyByDzz1O2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzytDyDzy1T1StAtG1Rzz1TtCtGyEyCtCyEtG1TyEyBtCtGzy1SzytAtC1TzztDtDtCtBzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyEyByEtByEtDtDtD%26cr%3D36067607%26a%3Dhdr_j_19_03_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3598327361-1197732640-4219432563-1001 -> {651E80A6-E89C-4FE5-BDA3-79A7377362CE} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_j_19_03_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyE0DyDyEtAzzzz0CyEyDtAtAyD0EtN0D0Tzu0StByDyBtDtN1L2XzuyEtFtAtAtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtBtB1TtD1QtC1OtGyEyB1SyDtGyE1QyEzytG1TyE1R1PtG1TyEtDyD1TtDtD1PyByDzz1O2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyzytDyDzy1T1StAtG1Rzz1TtCtGyEyCtCyEtG1TyEyBtCtGzy1SzytAtC1TzztDtDtCtBzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyEyByEtByEtDtDtD%26cr%3D36067607%26a%3Dhdr_j_19_03_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3598327361-1197732640-4219432563-1001 -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL = hxxp://www.accueil-nav.com/search?q={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-3598327361-1197732640-4219432563-1001 -> hxxp://www.accueil-nav.com/
FF SearchPlugin: C:\Users\couler\AppData\Roaming\Mozilla\Firefox\Profiles\7an3b8gn.default-1503653036205\searchplugins\yhs.xml [2019-01-18]
CHR HomePage: Default -> hxxp://www.accueil-nav.com/
CHR DefaultSearchURL: Default -> hxxp://www.accueil-nav.com/search?q={searchTerms}
C:\Users\couler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej
CHR HKLM\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3598327361-1197732640-4219432563-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3598327361-1197732640-4219432563-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3598327361-1197732640-4219432563-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
S2 ByteFenceService; "c:\program files\bytefence\ByteFenceService.exe" [X]
S2 rtop; "c:\program files\bytefence\rtop\bin\rtop_svc.exe" [X]
2019-02-06 11:55 - 2019-02-06 11:55 - 000000000 _____ C:\SDT6FA.tmp
2019-01-28 09:25 - 2019-01-28 09:25 - 000000000 _____ C:\SDT9A6E.tmp
2019-01-18 09:55 - 2019-01-18 09:55 - 000002345 _____ C:\Users\couler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2019-01-18 09:55 - 2019-01-18 09:55 - 000002337 _____ C:\Users\couler\Desktop\Chromium.lnk
2019-01-18 09:54 - 2019-01-18 09:55 - 000000000 ____D C:\Users\couler\AppData\Local\chromium
2019-01-18 09:53 - 2019-02-08 01:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\segasoha
2019-01-18 09:53 - 2019-02-08 01:53 - 000000000 ____D C:\Users\couler\AppData\Roaming\31dbcdd2ac0655c6
2019-01-18 09:53 - 2019-01-18 09:55 - 000000000 ____D C:\Users\couler\AppData\Local\{1337256B-379F-49D3-5A07-6C3B7E6F90A3}
2019-01-18 09:53 - 2019-01-18 09:53 - 000001408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2018-11-26 17:36 - 2018-11-26 17:36 - 000000000 _____ () C:\Users\couler\AppData\Local\BIT22C4.tmp
2018-10-19 11:47 - 2018-10-19 11:47 - 000000000 _____ () C:\Users\couler\AppData\Local\BIT54AD.tmp
2018-10-19 11:47 - 2018-10-19 11:47 - 000000000 _____ () C:\Users\couler\AppData\Local\BIT54CD.tmp
2019-01-10 02:48 - 2019-01-10 02:48 - 000000000 _____ () C:\Users\couler\AppData\Local\BIT716B.tmp
2019-01-10 02:48 - 2019-01-10 02:48 - 000000000 _____ () C:\Users\couler\AppData\Local\BIT718B.tmp
2018-10-27 14:24 - 2018-10-27 14:24 - 000000000 _____ () C:\Users\couler\AppData\Local\BIT8BF9.tmp
2018-10-27 14:24 - 2018-10-27 14:24 - 000000000 _____ () C:\Users\couler\AppData\Local\BIT8C19.tmp
C:\Program Files\ByteFence
CustomCLSID: HKU\S-1-5-21-3598327361-1197732640-4219432563-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\couler\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3598327361-1197732640-4219432563-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\couler\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3598327361-1197732640-4219432563-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\couler\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3598327361-1197732640-4219432563-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\couler\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => Pas de fichier
Task: {3808CF63-1711-4662-A7F7-5A335454931A} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe (Byte Technologies LLC -> Byte Technologies LLC)
Hosts:
EmptyTemp:
End::