Posted on 16 April 2019

start::
closeprocesses:
createrestorepoint:
CustomCLSID: HKU\S-1-5-21-954980037-1175302094-807176547-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\6730b\AppData\Local\Microsoft\OneDrive\18.111.0603.0006\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-954980037-1175302094-807176547-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\6730b\AppData\Local\Microsoft\OneDrive\18.111.0603.0006\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-954980037-1175302094-807176547-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\6730b\AppData\Local\Microsoft\OneDrive\18.111.0603.0006\amd64\FileSyncShell64.dll => Pas de fichier
Task: {1153F832-DED5-443B-875D-00542CD34837} - System32\Tasks\ASC11_SkipUac_6730b => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {1613CB15-E58A-4581-9CDF-40E9040BADA1} - System32\Tasks\Driver Booster SkipUAC (6730b) => C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
C:\Program Files (x86)\IObit
C:\Program Files (x86)\Avira
C:\Program Files (x86)\Wondershare
C:\Program Files (x86)\Online Games Manager
Task: {217FF03A-5A67-438E-9058-11859DDF4AB8} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
Task: {252A55C8-0401-4A32-8085-3B127B56C84F} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
AlternateDataStreams: C:\ProgramData\Temp:A303874F [173]
HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
HKLM\...\StartupApproved\Run32: => "Avira Safe Shopping"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
FirewallRules: [UDP Query User{87269C01-2C37-42FB-905D-6BFCD01463EF}C:\program files (x86)\bsd concept\heredis 2018\heredis18.exe] => (Allow) C:\program files (x86)\bsd concept\heredis 2018\heredis18.exe Pas de fichier
FirewallRules: [TCP Query User{02ED6B7B-5E51-4E3C-8BD6-591F8131C98D}C:\program files (x86)\bsd concept\heredis 2018\heredis18.exe] => (Allow) C:\program files (x86)\bsd concept\heredis 2018\heredis18.exe Pas de fichier
FirewallRules: [TCP Query User{E54E0368-383A-4EC5-87D8-EABDE5E10E31}C:\program files (x86)\bsd concept\heredis 2018\heredis18.exe] => (Allow) C:\program files (x86)\bsd concept\heredis 2018\heredis18.exe Pas de fichier
FirewallRules: [UDP Query User{C028746B-3B99-484A-96AA-C46BEE3B2095}C:\program files (x86)\bsd concept\heredis 2018\heredis18.exe] => (Allow) C:\program files (x86)\bsd concept\heredis 2018\heredis18.exe Pas de fichier
FirewallRules: [{82528CEB-91EA-4DA9-966C-E95F638B65D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Pas de fichier
FirewallRules: [{334489F4-BA16-4705-A6F6-8AE72258F8F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Pas de fichier
FirewallRules: [{E19E91EA-0940-40ED-89AA-9A74CB2FBEFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [{99367111-2905-4801-96C8-E09B84E8FAB7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKU\S-1-5-21-954980037-1175302094-807176547-1001 -> {4B97269D-75AA-4993-806E-8E1B68570C97} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-954980037-1175302094-807176547-1001 -> {9BE0CEB6-AE85-454F-9DAC-580A612B7947} URL =
SearchScopes: HKU\S-1-5-21-954980037-1175302094-807176547-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
FF Extension: (Avira Browser Safety) - C:\Users\6730b\AppData\Roaming\Mozilla\Firefox\Profiles\E94XaXvW.default\Extensions\abs@avira.com [2015-09-04] [Legacy] [non signé]
FF Extension: (Avira Password Manager) - C:\Users\6730b\AppData\Roaming\Mozilla\Firefox\Profiles\E94XaXvW.default\Extensions\passwordmanager@avira.com [2018-01-08] [hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-25] (Oracle America, Inc. -> Oracle Corporation)
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?affID=119776&tt=311012_ctrl_4412_2&babsrc=HP_ss&mntrId=d83c9c1f00000000000002225fbf4d94","hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-954980037-1175302094-807176547-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-12-16] (IObit Information Technology -> IObit)
S4 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (GameHouse Europe B.V. -> RealNetworks, Inc.)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-12-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-18] (Malwarebytes Corporation -> Malwarebytes)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-10-25] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2019-04-16] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
2019-04-16 21:13 - 2019-04-16 21:13 - 000000000 ____D C:\Users\6730b\AppData\Local\SlimWare Utilities Inc
2019-04-16 21:30 - 2018-04-16 11:00 - 000000000 ____D C:\Users\6730b\AppData\Roaming\IObit
2019-04-16 20:01 - 2018-04-17 10:25 - 000000000 ____D C:\Program Files (x86)\Incredibal
2013-03-28 16:40 - 2013-03-28 16:40 - 000000000 _____ () C:\Users\6730b\AppData\Local\AtStart.txt
2013-03-28 16:40 - 2013-03-28 16:40 - 000000000 _____ () C:\Users\6730b\AppData\Local\DSwitch.txt
2013-03-28 16:40 - 2013-03-28 16:40 - 000000000 _____ () C:\Users\6730b\AppData\Local\QSwitch.txt
hosts:
cmd: sfc /scannow
emptytemp:
end::


