Posted on April 19

start::
closeprocesses:
createrestorepoint:
Task: {355D6FAF-5ACB-4C50-B5FD-020755FB3667} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
C:\Program Files (x86)\AVG
Task: {48CB0DD2-7367-4F9D-8052-27CD91B58FAD} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {7739552B-A330-419D-BF7F-3F97A0C323BC} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe (Alexey Nicolaychuk -> )
Task: {7E0C6101-AD88-4A47-B056-F4910BD63BAC} - System32\Tasks\CAM.Desktop => C:\Program Files (x86)\NZXT\CAM\CAM.Desktop.exe (NZXT -> )
Task: {A9076E19-B7A2-47B9-870E-5767FCA9DE32} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> )
virustotal: C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe
Task: {E449DCC9-C194-432E-8DB1-F31B15079367} - \CCleanerSkipUAC -> Pas de fichier <==== ATTENTION
Task: {EFEA8973-1021-4135-B9C9-698B8A5BF0F0} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]
IE trusted site: HKU\S-1-5-21-260518897-3061316358-3895465474-1001\...\sharepoint.com -> hxxps://bordeauxinpfr-files.sharepoint.com
GroupPolicy: Restriction ? <==== ATTENTION
SearchScopes: HKU\S-1-5-21-260518897-3061316358-3895465474-1001 -> {852BE688-4702-4975-895E-98570D3CFBF1} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Homepage: Mozilla\Firefox\Profiles\0a5dunvp.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (Avira Browser Safety) - C:\Users\MisterUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\0a5dunvp.default\Extensions\abs@avira.com [2019-04-12] [hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]
FF Extension: (Avira Password Manager) - C:\Users\MisterUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\0a5dunvp.default\Extensions\passwordmanager@avira.com [2019-04-12]
FF SearchPlugin: C:\Users\MisterUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\0a5dunvp.default\searchplugins\bing-lavasoft-ff59.xml [2018-10-16]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => non trouvé(e)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
CHR NewTab: Default -> Not-active:"chrome-extension://ipmkfpcnmccejididiaagpgchgjfajgp/html/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/apps-notify/drive_96_1x.png
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
C:\Users\MisterUnknown\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll
C:\Users\MisterUnknown\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
C:\Users\MisterUnknown\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - <pas de Path/update_url>
CHR HKU\S-1-5-21-260518897-3061316358-3895465474-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - <pas de Path/update_url>
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-08-18] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
2019-04-19 19:57 - 2019-04-19 20:19 - 000000000 ____D C:\Users\MisterUnknown\AppData\Roaming\Process Hacker 2
2019-04-19 19:56 - 2019-04-19 20:19 - 000000000 ____D C:\Program Files\Process Hacker 2
2019-04-19 19:56 - 2019-04-19 19:56 - 002267848 _____ (wj32 ) C:\Users\MisterUnknown\Downloads\processhacker-2.39-setup.exe
2019-04-19 19:56 - 2019-04-19 19:56 - 002267848 _____ (wj32 ) C:\Users\MisterUnknown\Downloads\processhacker-2.39-setup (1).exe
2019-04-14 21:38 - 2019-04-14 21:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira
2019-04-12 19:37 - 2019-04-12 21:15 - 000000000 ____D C:\Users\MisterUnknown\AppData\Local\Avira
2019-04-12 19:36 - 2019-04-18 16:25 - 000000000 ____D C:\Program Files (x86)\Avira
2019-04-12 19:36 - 2019-04-18 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-04-12 19:36 - 2019-04-18 16:15 - 000000000 ____D C:\ProgramData\Avira
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
C:\WINDOWS\system32\drivers\mcaudrv_x64.sys
C:\Users\MisterUnknown\AppData\Roaming\Mozilla\Firefox\Profiles\0a5dunvp.default\searchplugins\bing-lavasoft-ff59.xml
deletekey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx
deletekey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
deletekey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx
deletekey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
cmd: netsh advfirewall reset
emptytemp:
end::


