Posté le 22 février 2020
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
FirewallRules: [{2DF9EF06-0DEA-4AF5-98D3-AD7084A5EC9E}] => (Allow) %systemroot%\system32\alg.exe Pas de fichier
FirewallRules: [{C6574534-D8E0-4BE9-9519-26D893920B83}] => (Allow) %systemroot%\system32\alg.exe Pas de fichier
C:\Program Files (x86)\AVAST Software
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\79.0.3062.80\Installer\chrmstp.exe [2020-02-12] (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {78E6BF5C-809F-4067-9790-E5C0BD45096A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2020-01-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {86211674-46C7-40AB-B578-9DFB93E99E07} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2020232 2020-01-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {F39BE465-C5F7-4943-A29D-E8BD0FFC4F86} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2020232 2020-01-08] (AVAST Software s.r.o. -> AVAST Software)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Pas de nom -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier
BHO-x32: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichie
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\5v3844ru.default-release-1582228509623\Extensions\sp@avast.com.xpi [2020-01-15]
CHR Notifications: Default -> hxxps://0.nextyourcontent.com; hxxps://bcvc.live; hxxps://soonersupor.pro; hxxps://upiloumnejim.pro; hxxps://usinesmycete.info; hxxps://ww1.ouo.today;hxxps://www.minecraft-france.fr; hxxps://www1.bethanyharrell.pro; hxxps://www1.debrahinton.pro; hxxps://www1.ramirocampos.pro
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2020-01-15] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2020-01-15] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\79.0.3062.80\elevation_service.exe [1123008 2020-01-08] (AVAST Software s.r.o. -> AVAST Software)
2020-02-15 18:57 - 2020-02-15 18:57 - 000000000 _____ C:\Users\admin\AppData\Local\BIT6EC2.tmp
2020-02-15 18:55 - 2020-02-15 18:55 - 000000000 _____ C:\Users\admin\AppData\Local\BIT7DDB.tmp
2020-02-15 18:55 - 2020-02-15 18:55 - 000000000 _____ C:\Users\admin\AppData\Local\BIT7DCB.tmp
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-02-12 23:34 - 2020-02-12 23:34 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-02-21 15:19 - 2020-01-11 11:48 - 000000000 ____D C:\ProgramData\AVAST Software
2020-02-22 13:42 - 2020-01-11 11:48 - 000000000 ____D C:\ProgramData\SAntivirus
2020-02-22 13:42 - 2020-01-11 11:38 - 000000000 ____D C:\ProgramData\fagce
2020-02-12 18:38 - 2020-01-15 17:05 - 000003856 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-02-12 18:38 - 2020-01-15 17:05 - 000003272 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-02-12 18:38 - 2020-01-15 17:05 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-02-15 18:57 - 2020-02-15 18:57 - 000000000 _____ () C:\Users\admin\AppData\Local\BIT6EC2.tmp
2020-02-15 18:55 - 2020-02-15 18:55 - 000000000 _____ () C:\Users\admin\AppData\Local\BIT7DCB.tmp
2020-02-15 18:55 - 2020-02-15 18:55 - 000000000 _____ () C:\Users\admin\AppData\Local\BIT7DDB.tmp
EmptyTemp:
cmd: ipconfig /flushdns
end::





x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.