Posté le 13 octobre 2019
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
C:\Program Files (x86)\Lavasoft
C:\Program Files\McAfee
C:\Program Files (x86)\Spybot - Search & Destroy 2
BootExecute: autocheck autochk * sdnclean64.exe
Task: {BD390DF2-1B24-4FE5-A941-F14E72F47BD2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {CAA084B1-032F-48CD-BD26-07571E8AEF00} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {FE2D53B7-2EFF-492D-AF69-572A32E913E1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Tcpip\..\Interfaces\{5b039274-89cd-40a4-a57a-f67d8146a09f}: [NameServer] 8.8.8.8
SearchScopes: HKU\S-1-5-21-139396839-3514467551-2887413123-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-139396839-3514467551-2887413123-1001 -> {7E973E23-E09D-41D2-958E-E77AF94332D6} URL = hxxp://q.search-story.com/search?q={searchTerms}
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-22] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-22] (McAfee, LLC -> McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Pas de fichier
Edge HomeButtonPage: HKU\S-1-5-21-139396839-3514467551-2887413123-1001 -> hxxp://q.search-story.com/hp
FF Extension: (Pas de nom) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [non trouvé(e)]
FF SearchPlugin: C:\Users\alici\AppData\Roaming\Mozilla\Firefox\Profiles\bmm4jl90.default\searchplugins\bing-lavasoft-ff59.xml [2018-11-28]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E214FR885G10&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905472 2019-08-22] (McAfee, LLC -> McAfee, Inc.)
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2019-10-04 08:26 - 2019-10-04 08:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-09-30 19:46 - 2019-09-30 19:46 - 000001462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2019-09-30 19:46 - 2019-09-30 19:46 - 000001450 _____ C:\ProgramData\Bureau\Spybot-S&D Start Center.lnk
2019-09-30 19:46 - 2019-09-30 19:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2019-09-30 19:46 - 2019-09-30 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2019-09-30 19:45 - 2019-10-09 16:14 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-09-30 19:45 - 2019-09-30 20:42 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-09-30 19:45 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2018-04-02 04:18 - 2018-04-02 04:18 - 000027284 _____ () C:\Users\alici\AppData\Roaming\DMGR_0D0A0E0M0O0N0T1F1F1I1B1V0F0StJ1V1S1F1F1J1L1G1NtF1R1F1H.txt
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
E trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-139396839-3514467551-2887413123-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-139396839-3514467551-2887413123-1001\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [{618033F7-E7D2-4B0C-B5CB-6B21BB3F356D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe Pas de fichier
FirewallRules: [{CA6C866D-58C1-4B86-AF01-F5898E899B07}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe Pas de fichier
FirewallRules: [{7DD08701-BE00-4E65-92F6-B7B19945109C}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe Pas de fichier
FirewallRules: [{C71C4AC8-3F67-4053-B58C-41FA812114ED}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe Pas de fichier
FirewallRules: [{A51ACAB7-51CA-4DB7-846D-74AC3107E5EA}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe Pas de fichier
FirewallRules: [{C3E6E2B0-472B-4B7E-8513-6397AED8C598}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe Pas de fichier
FirewallRules: [TCP Query User{C6E460DD-8904-46AE-B7CC-64218414BBEB}C:\users\alici\appdata\roaming\utorrent\updates\3.5.4_44520.exe] => (Block) C:\users\alici\appdata\roaming\utorrent\updates\3.5.4_44520.exe Pas de fichier
FirewallRules: [UDP Query User{748A5DBA-2A1A-4DBF-9B8B-8B9F61E2F08F}C:\users\alici\appdata\roaming\utorrent\updates\3.5.4_44520.exe] => (Block) C:\users\alici\appdata\roaming\utorrent\updates\3.5.4_44520.exe Pas de fichier
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
EmptyTemp:
cmd: ipconfig /flushdns
end::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.