Posted on 18 February 2020

start::
closeprocesses:
createrestorepoint:
virustotal: C:\Windows\SysWOW64\ise_installer_temp.exe
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\rarext.dll -> Pas de fichier
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll -> Pas de fichier
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\rarext.dll -> Pas de fichier
AlternateDataStreams: C:\Users\Public\AppData:CSM [478]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [462]
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\...\webcompanion.com -> hxxp://webcompanion.com
MSCONFIG\Services: ByteFenceService => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
FirewallRules: [{5B89B014-F326-4790-AEE9-609B3A04AE95}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe Pas de fichier
FirewallRules: [{FFF0852D-6987-4457-85F4-274DD22943DF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe Pas de fichier
FirewallRules: [{15891FD4-9B66-4FFD-A53F-063DE4214DB9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe Pas de fichier
FirewallRules: [{95BA1A07-FA9E-4951-9CC1-CC7F5D12DEE1}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe Pas de fichier
FirewallRules: [{12FCBFE3-A94F-4095-AFE1-7A945BE25C5F}] => (Allow) C:\Origin\FIFA 14\Game\fifa14.exe Pas de fichier
FirewallRules: [{E11C9507-D410-4833-A9F2-DF37A34C9CCD}] => (Allow) C:\Origin\FIFA 14\Game\fifa14.exe Pas de fichier
FirewallRules: [TCP Query User{A55FF912-B666-4D0E-A3EC-97CD3C617925}E:\total war rome ii\rome2.exe] => (Block) E:\total war rome ii\rome2.exe Pas de fichier
FirewallRules: [UDP Query User{3B2C3274-E885-4F4D-8EAE-90F82DF13899}E:\total war rome ii\rome2.exe] => (Block) E:\total war rome ii\rome2.exe Pas de fichier
FirewallRules: [{B4FDBF1E-ADA8-48BB-A35B-90722CE6D4E7}] => (Allow) C:\Origin\FIFA 15 DEMO\fifasetup\fifaconfig.exe Pas de fichier
FirewallRules: [{1687BF15-4947-4AE1-880B-3A297FC1A9CE}] => (Allow) C:\Origin\FIFA 15 DEMO\fifasetup\fifaconfig.exe Pas de fichier
FirewallRules: [TCP Query User{1F364BF8-BDD9-4B03-871E-39F9FD39105D}C:\origin\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\origin\fifa 15 demo\fifa15_demo.exe Pas de fichier
FirewallRules: [UDP Query User{E04522B2-5786-4634-A60E-45F895B9D31C}C:\origin\fifa 15 demo\fifa15_demo.exe] => (Allow) C:\origin\fifa 15 demo\fifa15_demo.exe Pas de fichier
FirewallRules: [{808C26EF-31E8-4CD2-A7D5-A5E4D980D517}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{3DCE050E-BFCF-44EE-BC8F-2A01BD973F1B}C:\origin\fifa 15\fifa15.exe] => (Allow) C:\origin\fifa 15\fifa15.exe Pas de fichier
FirewallRules: [UDP Query User{3DAAC496-527E-4D8C-AD12-F565764E57AE}C:\origin\fifa 15\fifa15.exe] => (Allow) C:\origin\fifa 15\fifa15.exe Pas de fichier
FirewallRules: [TCP Query User{22A638C6-CB5C-44D1-8AE5-165468577764}C:\origin\fifa 15\fifa15.exe] => (Allow) C:\origin\fifa 15\fifa15.exe Pas de fichier
FirewallRules: [UDP Query User{478778D8-9355-45E0-8AA5-F4E5997382C6}C:\origin\fifa 15\fifa15.exe] => (Allow) C:\origin\fifa 15\fifa15.exe Pas de fichier
FirewallRules: [TCP Query User{262B906C-A2F8-4263-BFCD-489A07B665A4}E:\free download manager\fdm.exe] => (Allow) E:\free download manager\fdm.exe Pas de fichier
FirewallRules: [UDP Query User{9455AA31-5B44-43A4-B70B-61975FCC0CE5}E:\free download manager\fdm.exe] => (Allow) E:\free download manager\fdm.exe Pas de fichier
FirewallRules: [TCP Query User{34D431EB-1136-48FA-AD7E-C43BD2F246B7}E:\free download manager\fdm.exe] => (Block) E:\free download manager\fdm.exe Pas de fichier
FirewallRules: [UDP Query User{09479A82-39BA-4E5D-96B6-9AFFB4082638}E:\free download manager\fdm.exe] => (Block) E:\free download manager\fdm.exe Pas de fichier
FirewallRules: [{31F80875-5D32-4E1B-BEB3-10012C98B53C}] => (Allow) C:\Origin\FIFA 15\fifasetup\fifaconfig.exe Pas de fichier
FirewallRules: [{1FF19D75-D541-4099-94AE-6B97E19EAD6A}] => (Allow) C:\Origin\FIFA 15\fifasetup\fifaconfig.exe Pas de fichier
FirewallRules: [{6977C3FC-8B5A-465F-B2EA-B6AC3EC2B23F}] => (Allow) C:\Origin\FIFA 16 DEMO\fifasetup\fifaconfig.exe Pas de fichier
FirewallRules: [{A54C631C-4481-4830-84EE-D5D54DE696F7}] => (Allow) C:\Origin\FIFA 16 DEMO\fifasetup\fifaconfig.exe Pas de fichier
FirewallRules: [TCP Query User{5E8D278B-9B56-41D4-9E14-9748C086DE5D}C:\origin\fifa 16 demo\fifa16_demo.exe] => (Allow) C:\origin\fifa 16 demo\fifa16_demo.exe Pas de fichier
FirewallRules: [UDP Query User{8D150688-5883-47F9-A191-89C711043C67}C:\origin\fifa 16 demo\fifa16_demo.exe] => (Allow) C:\origin\fifa 16 demo\fifa16_demo.exe Pas de fichier
FirewallRules: [TCP Query User{676CA726-26A9-480D-AFA2-8C502C218B28}D:\total war - rome ii\rome2.exe] => (Allow) D:\total war - rome ii\rome2.exe Pas de fichier
FirewallRules: [UDP Query User{1030A768-379A-46A4-A0FB-FF08C1EBD0D4}D:\total war - rome ii\rome2.exe] => (Allow) D:\total war - rome ii\rome2.exe Pas de fichier
FirewallRules: [TCP Query User{B43FD27B-D37F-4F14-B5C6-A02F95032CFD}D:\total.war.saga.thrones.of.britannia.v1.0.11578\total.war.saga.thrones.of.britannia\thrones.exe] => (Allow) D:\total.war.saga.thrones.of.britannia.v1.0.11578\total.war.saga.thrones.of.britannia\thrones.exe Pas de fichier
FirewallRules: [UDP Query User{EBCC85A9-4487-4B6C-9392-E2ABB54623F2}D:\total.war.saga.thrones.of.britannia.v1.0.11578\total.war.saga.thrones.of.britannia\thrones.exe] => (Allow) D:\total.war.saga.thrones.of.britannia.v1.0.11578\total.war.saga.thrones.of.britannia\thrones.exe Pas de fichier
FirewallRules: [{5D04EA3A-8399-4E0B-950B-00463EB483FF}] => (Allow) C:\Users\gabin\AppData\Local\Temp\7ZipSfx.000\bin\tools\aria2c.exe Pas de fichier
FirewallRules: [{CA68AB44-2E29-4EB2-BC68-4257FFE22855}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
FirewallRules: [{871285B6-A2EE-407C-B3BA-D10C303009E5}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Pas de fichier
HKLM-x32\...\Run: [FileTransferForMobileGo] => C:\Program Files\Wondershare\MobileGo pour Android\FileTransfer.exe [336272 2014-11-05] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485400 2017-08-29] (Comodo Security Solutions, Inc. -> Comodo Security Solutions, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
C:\Program Files (x86)\Common Files\COMODO
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\...\Run: [DAEMON Tools Lite] => "E:\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
C:\Program Files (x86)\Lavasoft
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\...\Run: [GoogleChromeAutoLaunch_0F99F6DEC87293F7E5D4465D7BF5D429] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\...\Run: [Epic Privacy Browser Installer] => C:\Users\gabin\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2020-02-09] (Google Inc (TEST) -> Epic Privacy Browser) [Fichier non signé]
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\...\MountPoints2: {0eb25f40-5dc0-11e4-b3d2-5404a6813dbf} - G:\blank.exe
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\...\MountPoints2: {6997f99a-ea73-11e3-9ad7-5404a6813dbf} - G:\Setup.exe
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\...\MountPoints2: {d0683917-b6f2-11e8-b4d7-5404a6813dbf} - I:\setup.exe
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] -> Apps32
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> VC64DB
HKLM\Software\...\AppCompatFlags\Custom\explorer.xxx: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] -> Apps32
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> VC64DB
HKLM\Software\...\AppCompatFlags\Custom\firefox.exe: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] -> Apps32
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] -> Apps32
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> VC64DB
HKLM\Software\...\AppCompatFlags\Custom\software_removal_tool.exe: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] -> Apps32
HKLM\Software\...\AppCompatFlags\Custom\software_reporter_tool.exe: [{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb] -> Apps32
HKLM\Software\...\AppCompatFlags\InstalledSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
HKLM\Software\...\AppCompatFlags\InstalledSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}: [DatabasePath] -> C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc. -> Comodo Security Solutions, Inc.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0612C76C-105A-45D6-B3B1-434231ECC0D9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {126F1096-5BB4-4651-8BC9-3EE6E36889C5} - \RocketTab -> Pas de fichier <==== ATTENTION
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\APSnotifierPP1" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\APSnotifierPP2" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\APSnotifierPP3" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\avaavaevy" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\avabvbavad" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\avabvbxvh" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\avabvdxvy" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\ByteFence" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\RocketTab" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\RocketTab Update Task" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\SidebarExecute" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Uninstaller_SkipUac_Administrator" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\Uninstaller_SkipUac_gabin" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\{08F7440B-EE0C-4E05-9870-3191CDAB0E1F}" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\{70926C58-27EF-40A0-A67B-4F9E8900D6EB}" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\{793948F3-DE12-4CE0-A6C6-6D5C4F844663}" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\{8FE8E3C0-E050-4DD9-8EC5-9FE0D58F2568}" /ENABLE
Task: {1B4C0F9B-BA69-4E24-A790-F833500FA16C} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {1ECBAE3D-83B0-4764-92B2-57BFC4D57E49} - \RocketTab Update Task -> Pas de fichier <==== ATTENTION
Task: {2C909AD8-CE90-43AA-BC7B-07A94E5CD261} - \APSnotifierPP1 -> Pas de fichier <==== ATTENTION
Task: {30660A8E-E35D-49F8-8D1E-B63C11A6D77B} - System32\Tasks\avabvbxvh => C:\Users\gabin\AppData\Local\avabvbxvh\avabvbxvh.exe <==== ATTENTION
Task: {4680C7DB-784B-4F70-91F3-E7CAA51ADE94} - System32\Tasks\avabvbavad => C:\Users\gabin\AppData\Local\avabvbavad\avabvbavad.exe <==== ATTENTION
Task: {4DD18F85-6F1E-493F-A19D-D44D708CA004} - \APSnotifierPP2 -> Pas de fichier <==== ATTENTION
Task: {A12D79E5-F9C3-4817-BFDA-B61652341315} - System32\Tasks\{8FE8E3C0-E050-4DD9-8EC5-9FE0D58F2568} => C:\Windows\system32\pcalua.exe -a F:\autorun.exe -d F:\
Task: {B82A2B20-A3E0-48BA-975F-FBA85185B079} - System32\Tasks\{08F7440B-EE0C-4E05-9870-3191CDAB0E1F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {D70C0CDE-B26A-41D8-A4BD-E4682F568F51} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {E1E33923-DBD6-478E-99E5-B70C68370F73} - \APSnotifierPP3 -> Pas de fichier <==== ATTENTION
Task: {E4C9488A-13AA-4FB1-B377-CA7C90364727} - System32\Tasks\avabvdxvy => C:\Users\gabin\AppData\Local\avabvdxvy\avabvdxvy.exe <==== ATTENTION
Task: {E6823CAE-E578-4C87-B2A3-1554DF2E102B} - System32\Tasks\avaavaevy => C:\Users\gabin\AppData\Local\avaavaevy\avaavaevy.exe <==== ATTENTION
Task: {FAEBEBCF-D131-4FD0-8B0E-3ACF0A971D27} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [3938784 2020-02-11] (Byte Technologies LLC -> Byte Technologies LLC) <==== ATTENTION
ProxyEnable: [.DEFAULT] => Proxy est activé.
ProxyServer: [.DEFAULT] => http=127.0.0.1:54358;https=127.0.0.1:54358
Hosts: Fichier hosts non détecté dans le dossier par défaut
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1414416125&from=smt&uid=CrucialXCT120M500SSD1_14130C0DB4C10C0DB4C1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1414416125&from=smt&uid=CrucialXCT120M500SSD1_14130C0DB4C10C0DB4C1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1414416125&from=smt&uid=CrucialXCT120M500SSD1_14130C0DB4C10C0DB4C1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1414416125&from=smt&uid=CrucialXCT120M500SSD1_14130C0DB4C10C0DB4C1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-3378400512-3742978869-4124080925-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D092918-AF46C85AB1CFE40C584F&form=CONMHP&conlogo=CT3332019
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3378400512-3742978869-4124080925-1000 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M12225D67-C052-4276-91AC-69302BF2A882&SearchSource=58&CUI=&UM=8&UP=SP3C204129-B395-49EC-BA94-B41C80380CC9&q={searchTerms}&D=032015&SSPV=SP2220TA_sp_ie
SearchScopes: HKU\S-1-5-21-3378400512-3742978869-4124080925-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M12225D67-C052-4276-91AC-69302BF2A882&SearchSource=58&CUI=&UM=8&UP=SP3C204129-B395-49EC-BA94-B41C80380CC9&q={searchTerms}&D=032015&SSPV=SP2220TA_sp_ie
SearchScopes: HKU\S-1-5-21-3378400512-3742978869-4124080925-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D092918-AF46C85AB1CFE40C584F&form=CONBDF&conlogo=CT3332019&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3378400512-3742978869-4124080925-1000 -> {3A0C98D8-6771-49D2-A4E6-D0FD14AD8D6E} URL = hxxps://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
BHO: Pas de nom -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> Pas de fichier
BHO-x32: Pas de nom -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> Pas de fichier
Toolbar: HKU\S-1-5-21-3378400512-3742978869-4124080925-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1414416125&from=smt&uid=CrucialXCT120M500SSD1_14130C0DB4C10C0DB4C1
FF Extension: (Avast Online Security) - C:\Users\gabin\AppData\Roaming\Mozilla\Firefox\Profiles\5nxaogm1.default\Extensions\wrc@avast.com.xpi [2020-02-08]
FF SearchPlugin: C:\Users\gabin\AppData\Roaming\Mozilla\Firefox\Profiles\5nxaogm1.default\searchplugins\bing-lavasoft-ff59.xml [2018-09-29]
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1414416125&from=smt&uid=CrucialXCT120M500SSD1_14130C0DB4C10C0DB4C1","hxxp://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M12225D67-C052-4276-91AC-69302BF2A882&SearchSource=55&CUI=&UM=8&UP=SP3C204129-B395-49EC-BA94-B41C80380CC9&D=032015&SSPV=SP2220TA_sp_ch"
CHR HKLM-x32\...\Chrome\Extension: [cikkkfooompgefbcjlgdjejfdknkheaj] - C:\Users\gabin\AppData\Roaming\Browser Extensions\deh_1.0.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2014-06-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Users\gabin\AppData\Roaming\Browser Extensions\nta_1.0.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [nlcphjankhppgohedpkjonpadimhaoof] - C:\Users\gabin\AppData\Roaming\Browser Extensions\sh_1.0.crx <non trouvé(e)>
S4 ByteFenceService; c:\program files\bytefence\ByteFenceService.exe [162272 2020-02-11] (Byte Technologies LLC -> Byte Technologies LLC) <==== ATTENTION
S4 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [77472 2017-08-29] (Comodo Security Solutions, Inc. -> Comodo Security Solutions, Inc.)
S4 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2485400 2017-08-29] (Comodo Security Solutions, Inc. -> Comodo Security Solutions, Inc.)
S4 rtop; c:\program files\bytefence\rtop\bin\rtop_svc.exe [297288 2018-09-29] (Byte Technologies LLC -> Byte Technologies LLC.) <==== ATTENTION
S3 WinRing0_1_2_0; \??\C:\Users\gabin\AppData\Local\Temp\tmp7148.tmp [X] <==== ATTENTION
2020-02-17 22:43 - 2019-04-08 02:25 - 000000000 ____D C:\Users\gabin\AppData\Local\AVAST Software
2020-02-17 22:43 - 2014-11-12 15:39 - 000000000 ____D C:\ProgramData\McAfee
2020-02-17 22:43 - 2014-06-02 17:59 - 000000000 ____D C:\ProgramData\AVAST Software
2020-02-15 17:57 - 2018-09-29 20:22 - 000003344 _____ C:\Windows\system32\Tasks\ByteFence
2020-02-15 17:57 - 2015-07-01 09:53 - 000003462 _____ C:\Windows\system32\Tasks\avabvdxvy
2020-02-15 17:57 - 2015-06-16 19:21 - 000003466 _____ C:\Windows\system32\Tasks\avabvbavad
2020-02-15 17:57 - 2015-05-31 09:43 - 000003462 _____ C:\Windows\system32\Tasks\avabvbxvh
2020-02-15 17:57 - 2015-04-20 08:30 - 000003462 _____ C:\Windows\system32\Tasks\avaavaevy
2020-02-15 16:50 - 2019-04-07 18:00 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-02-14 23:31 - 2018-09-29 20:21 - 000000000 ____D C:\Program Files\ByteFence
2020-02-08 13:46 - 2019-04-07 18:00 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2018-12-15 11:33 - 2018-12-15 11:33 - 000000000 _____ () C:\Program Files (x86)\7421b4e3-94ad-4585-85d0-5787f8c589ec.tmp

emptytemp:
end::


