Posté le 5 octobre 2019
Télécharger | Reposter | Largeur fixe

Start::
CreateRestorePoint:
CloseProcesses:
Task: {504E0730-44D0-4D82-8FAD-AEE86E1EAFB0} - System32\Tasks\{6569E631-B6AE-3680-5991-2FB4B59819DC} => C:\Users\thiba\AppData\Local\Fefebu\LADILE~1.EXE [2324992 2013-04-12] () [Fichier non signé]
Task: {65760983-0CCB-4639-A9CB-F707294C1FAB} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {FFB32757-B384-4E38-930D-A15D9FEB7ED6} - System32\Tasks\App Explorer => C:\Users\thiba\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7417512 2019-08-27] (SweetLabs Inc. -> SweetLabs, Inc)
Task: C:\WINDOWS\Tasks\{6569E631-B6AE-3680-5991-2FB4B59819DC}.job => C:\Users\thiba\AppData\Local\Fefebu\LADILE~1.EXE
HKU\S-1-5-21-2200253066-2518333264-4148987301-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.accueil-nav.com/
SearchScopes: HKU\S-1-5-21-2200253066-2518333264-4148987301-1001 -> DefaultScope {BB37379D-C433-4ECC-8053-4EA2D67CB4A6} URL = hxxp://www.accueil-nav.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2200253066-2518333264-4148987301-1001 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_secureddownload_17_11_ssg01¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0CyEyDzyyCyCtDzy0DtB0EyE0DtB0AtN0D0Tzu0StCzzzyzztN1L2XzutAtFtByBtFyEtFyDyCtN1L1Czu1BzztN1L1G1B1V1N2Y1L1Qzu2SyD0F0C0ByCyC0CtDtGtAtByByEtGyCtDyEyEtGyB0AyE0FtGtD0EyByByD0E0CyDyC0AyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzy0DyBtDyBtC0CtG0C0EyDyDtGyEzz0ByEtGzzyC0FzytG0EtByD0D0FtB0ByC0EyBtA0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBtAyByD%26cr%3D1409971505%26a%3Dwnf_secureddownload_17_11_ssg01%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2200253066-2518333264-4148987301-1001 -> {BB37379D-C433-4ECC-8053-4EA2D67CB4A6} URL = hxxp://www.accueil-nav.com/search?q={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-2200253066-2518333264-4148987301-1001 -> hxxp://www.accueil-nav.com/
FF Homepage: Mozilla\Firefox\Profiles\09ser8qg.default -> hxxp://www.accueil-nav.com/
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-05-25]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-05-25]
CHR HomePage: Default -> teoma.com
CHR StartupUrls: Default -> "hxxp://www.accueil-nav.com/"
CHR DefaultSearchURL: Default -> hxxp://www.accueil-nav.com/search?q={searchTerms}
2019-09-23 18:21 - 2019-09-23 18:21 - 000002840 _____ C:\WINDOWS\system32\Tasks\{6569E631-B6AE-3680-5991-2FB4B59819DC}
2019-09-23 18:20 - 2019-09-24 23:10 - 000000304 _____ C:\WINDOWS\Tasks\{6569E631-B6AE-3680-5991-2FB4B59819DC}.job
2019-09-23 18:20 - 2019-09-23 18:22 - 000000000 ____D C:\Users\thiba\AppData\Local\chromium
2019-09-23 18:20 - 2019-09-23 18:22 - 000000000 ____D C:\Users\thiba\AppData\Local\{E1B9D7E5-C511-BB5D-A889-9EB58CE1622D}
2019-09-23 18:20 - 2019-09-23 18:21 - 000000000 ____D C:\Users\thiba\AppData\Local\Fefebu
2019-09-23 18:20 - 2019-09-23 18:21 - 000000000 ____D C:\ProgramData\{E799DBA5-CFB1-A3DD-97E9-8BF57F01532D}
2019-09-23 18:20 - 2019-09-23 18:20 - 000001367 _____ C:\Users\thiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
C:\Users\thiba\AppData\Local\Host App Service
C:\Program Files\rempl
EmptyTemp:
End::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.