Posted on 12 February

start::
closeprocesses:
createrestorepoint:
cmd: reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
cmd: reg query HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
CustomCLSID: HKU\S-1-5-21-4050757951-1678246129-3257593133-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Valerie\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {41b68ff5-2486-11e7-82a6-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {573d03e3-81db-11e6-82a2-382c4a0c4e4c} - "F:\autorun.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {573d03fd-81db-11e6-82a2-382c4a0c4e4c} - "F:\autorun.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {573d0416-81db-11e6-82a2-382c4a0c4e4c} - "F:\autorun.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {647889c3-ee8f-11e7-82ac-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {6857a423-ecc1-11e9-82bf-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {7121dc73-294b-11ea-82c3-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {7121dc76-294b-11ea-82c3-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {b98aebe7-f6fc-11e5-8295-382c4a0c4e4c} - "F:\autorun.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {b98aec01-f6fc-11e5-8295-382c4a0c4e4c} - "F:\autorun.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {e5d0d4fd-8d36-11e9-82b7-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {f30f1b5c-2cb0-11e9-82b1-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {f30f1b9d-2cb0-11e9-82b1-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={3FA65991-0D42-405F-8462-8B0E75B728FF}&mid=557d8a8a164a47cda1c9e9650ce8a7bf-1a4e7bd2aa54dccc756eaa3e968ee4346e1fcadb&lang=eu&ds=AVG&coid=avgtbavg&cmpid=ipm190214&pr=fr&d=2016-06-09 12:03:22&v=4.3.9.626&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-4050757951-1678246129-3257593133-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3FA65991-0D42-405F-8462-8B0E75B728FF}&mid=557d8a8a164a47cda1c9e9650ce8a7bf-1a4e7bd2aa54dccc756eaa3e968ee4346e1fcadb&lang=eu&ds=AVG&coid=avgtbavg&cmpid=ipm190214&pr=fr&d=2016-06-09 12:03:22&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4050757951-1678246129-3257593133-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3FA65991-0D42-405F-8462-8B0E75B728FF}&mid=557d8a8a164a47cda1c9e9650ce8a7bf-1a4e7bd2aa54dccc756eaa3e968ee4346e1fcadb&lang=eu&ds=AVG&coid=avgtbavg&cmpid=ipm190214&pr=fr&d=2016-06-09 12:03:22&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
IE Session Restore: HKU\S-1-5-21-4050757951-1678246129-3257593133-1001 -> est activé.
BHO: Pas de nom -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Pas de fichier
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://search.imesh.net","hxxp://search.conduit.com/?ctid=CT3285358&SearchSource=48&CUI=UN38270934623456317&UM=2"
U0 msahci; system32\drivers\msahci.sys [X]
2020-02-11 19:14 - 2016-06-09 11:03 - 000000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2020-02-05 19:15 - 2019-06-09 17:25 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
emptytemp:
end::


