Posted on 1 July 2019

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-26]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-3669778315-595722973-700023325-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\Installer\chrmstp.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-05-21]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
Task: {014FEFB0-7E60-445D-A17B-8F2166B54DE1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier
Task: {04CF1028-0165-4C17-B302-C5FBD120F61D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier
Task: {0A1AB44F-4521-4D18-927E-4E581098AFF9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier
Task: {14220615-15D7-4ACD-9358-E914A16C828F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier
Task: {4A21B69D-160A-437F-8679-4A27899F17AF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier
Task: {4D196CCF-A7DB-42F1-9535-C387D0961719} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier
Task: {5C0D8FC9-8761-4144-ABF9-B28BA7DC9638} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier
Task: {688E0DCD-B2E7-4ACE-B66E-360AEF56EF5B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04]
Task: {69841528-759F-4C1C-95E9-1B3C55B2B911} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-03]
Task: {70578106-14B1-47B3-89D2-17A24C471E1D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Task: {7FEF8F5C-030C-4275-8DD2-A763D487AE95} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {85A9FB07-FB47-43A0-A6E2-7532C24AC66D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {89ED1E3E-92F7-4F30-A677-1004A028A534} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier
Task: {8BA26080-2D22-465B-AA35-D823CFDD63FB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Task: {94222DEC-2CBB-4A27-A656-54CF5372676E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier
Task: {94E9A960-306C-4A3A-90E3-20A7D1079F7D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier
Task: {99B92CEE-1B85-43D5-B98C-9D87C653FD80} - System32\Tasks\Sk7179Pl => C:\Users\poulette et le loup\AppData\Roaming\prunld1155\he60947.exe
Task: {B356C5A4-D476-4528-BF21-D922C63F5104} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier
Task: {F1FB04C3-10A9-41DE-BB66-461759CCDB89} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {F5373347-851D-4993-A32F-40EE48268A60} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
SearchScopes: HKU\S-1-5-21-3669778315-595722973-700023325-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
FF Extension: (Pas de nom) - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest.com [non trouvé(e)]
FF user.js: detected! => C:\Users\poulette et le loup\AppData\Roaming\Mozilla\Firefox\Profiles\a56oz1kx.default\user.js
FF Homepage: Mozilla\Firefox\Profiles\a56oz1kx.default -> hxxps://inline.go.mail.ru/homepage?inline_comp=ffhp15.1.11.102&inline_hp_cnt=11956636
FF Extension: (???????? ???????? Mail.Ru) - C:\Users\poulette et le loup\AppData\Roaming\Mozilla\Firefox\Profiles\a56oz1kx.default\Extensions\homepage@mail.ru.xpi
FF Extension: (????? Mail.Ru) - C:\Users\poulette et le loup\AppData\Roaming\Mozilla\Firefox\Profiles\a56oz1kx.default\Extensions\search@mail.ru.xpi
FF Extension: (?????????? ????????) - C:\Users\poulette et le loup\AppData\Roaming\Mozilla\Firefox\Profiles\a56oz1kx.default\Extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}.xpi
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <non trouvé(e)>
CHR HKU\S-1-5-21-3669778315-595722973-700023325-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [hjdkfkdkokphfploiiddakjokndinfgb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iepoegkaoeljnbhagabakjodgpfniimo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <pas de Path/update_url>
S3 Winmon; \??\C:\WINDOWS\System32\drivers\Winmon.sys [X]
S3 WinmonFS; \??\C:\WINDOWS\System32\drivers\WinmonFS.sys [X]
S1 WinmonProcessMonitor; \??\C:\WINDOWS\System32\drivers\WinmonProcessMonitor.sys [X]
2019-06-28 11:12 - 2019-06-28 11:12 - 000002083 _____ C:\Users\Public\Desktop\Avast Premium.lnk
2019-06-28 11:11 - 2019-06-26 11:58 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-06-28 10:18 - 2019-06-28 10:18 - 000000000 ____D C:\ProgramData\Pader
2019-06-28 10:18 - 2019-06-28 10:18 - 000000000 ____D C:\ProgramData\4UJQASBZJ2186W4WVZE63KRKJ
2019-06-28 10:17 - 2019-06-28 10:19 - 000000000 ____D C:\ProgramData\Optimizer
2019-06-28 15:53 - 2019-04-17 18:54 - 000003856 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-28 15:53 - 2019-04-17 18:54 - 000003272 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-28 15:53 - 2018-06-03 12:47 - 000002545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-26 12:00 - 2018-05-13 21:41 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-26 11:59 - 2018-11-03 09:02 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-26 11:59 - 2018-05-13 21:41 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-26 11:59 - 2018-05-13 21:41 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-26 11:59 - 2018-05-13 21:41 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-26 11:57 - 2018-05-13 21:41 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-26 11:57 - 2018-05-13 21:41 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-26 11:56 - 2019-03-01 20:11 - 000549416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-06-26 11:56 - 2019-01-14 17:22 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-26 11:56 - 2019-01-10 05:20 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-26 11:56 - 2019-01-10 05:20 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2018-06-20 16:49 - 2018-06-20 16:49 - 000000171 _____ () C:\Users\poulette et le loup\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-06-20 16:49 - 2018-06-20 16:49 - 000000304 _____ () C:\Users\poulette et le loup\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-06-20 16:49 - 2018-06-20 16:49 - 000000175 _____ () C:\Users\poulette et le loup\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-26]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-26]
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-26]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> Pas de fichier
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-26]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-26]
2019-05-21 22:43 - 2018-11-14 17:54 - 048936448 _____ () [Fichier non signé] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
HKLM\...\StartupApproved\Run: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKU\S-1-5-21-3669778315-595722973-700023325-1000\...\StartupApproved\Run: => "uTorrent"
EmptyTemp:
cmd: ipconfig /flushdns
end::
