Posted on November 2

start::
closeprocesses:
createrestorepoint:
AV: Protection antivirus et antispyware McAfee (Disabled - Up to date) {B10D5953-051E-97F6-F53B-3839EFD98259}
AS: Protection antivirus et antispyware McAfee (Disabled - Up to date) {0A6CB8B7-2324-9878-CF8B-034B945EC8E4}
FW: Pare-feu McAfee (Disabled) {8936D876-4F71-96AE-DE64-910C110AC522}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2016-11-18] (Intel Corporation -> McAfee, Inc.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2016-11-18] (Intel Corporation -> McAfee, Inc.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_17_36_csp_tuto16_15_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0AtB0E0DyCyE0EyDyE0C0AtN0D0Tzu0StBtDyByDtN1L2XzutAtFtAtBtFtCtFyCyEtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2SyDtBtDyCtDyEyBzytGyCyBtByCtGzytB0AtDtGyCtBzy0DtG0A0BtAtBtB0E0FyC0EyCtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0D0B0DyE0CtGyCyEyE0EtGyE0EyCyCtGzz0FyEyCtGzz0C0F0D0C0A0AtAyBtCyC0F2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtDyEyByDyEtDyDyE%26cr%3D1005254724%26a%3Dhdr_s_17_36_csp_tuto16_15_45%26os_ver%3D6.3%26os%3DWindows%2B8.1
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_40_csp_tuto16_15_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0AtB0E0DyCyE0EyDyE0C0AtN0D0Tzu0StCyByEtAtN1L2XzutAtFtByEtFtCtBtFyDtBtN1L1Czu1M1Q1CtByCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyDyE0EzyyC0D0BzztGtByD0DtBtG0D0AyBtBtGyByD0AtDtG0FyEyEzytA0CyC0A0E0DyBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0D0B0DyE0CtGyCyEyE0EtGyE0EyCyCtGzz0FyEyCtGzz0C0F0D0C0A0AtAyBtCyC0F2QtN0A0LzuyE%26cr%3D2015740548%26a%3Dhdr_s_16_40_csp_tuto16_15_45%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_40_csp_tuto16_15_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0AtB0E0DyCyE0EyDyE0C0AtN0D0Tzu0StCyByEtAtN1L2XzutAtFtByEtFtCtBtFyDtBtN1L1Czu1M1Q1CtByCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyDyE0EzyyC0D0BzztGtByD0DtBtG0D0AyBtBtGyByD0AtDtG0FyEyEzytA0CyC0A0E0DyBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0D0B0DyE0CtGyCyEyE0EtGyE0EyCyCtGzz0FyEyCtGzz0C0F0D0C0A0AtAyBtCyC0F2QtN0A0LzuyE%26cr%3D2015740548%26a%3Dhdr_s_16_40_csp_tuto16_15_45%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_79fe2753¶m1=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%3D¶m2=NqVcMqp4NWpbMJ%3D%3D&p={searchTerms}
SearchScopes: HKLM-x32 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_29_csp_tuto16_15_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0AtB0E0DyCyE0EyDyE0C0AtN0D0Tzu0StCyCyCyCtN1L2XzutAtFtBtAtFtCtFtDtN1L1Czu1M1Q1CtByDtFtDtFtDtN1L1G1B1V1N2Y1L1Qzu2StDyByDtCtCtAyBtDtGyCyByCtBtGyDyEyCzytGyBtA0DzytGzy0ByEtCyCtCyD0EtCtDyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0D0B0DyE0CtGyCyEyE0EtGyE0EyCyCtGzz0FyEyCtGzz0C0F0D0C0A0AtAyBtCyC0F2QtN0A0LzuyE%26cr%3D1403388253%26a%3Dhdr_s_16_29_csp_tuto16_15_45%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_79fe2753¶m1=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%3D¶m2=NqVcMqp4NWpbMJ%3D%3D&p={searchTerms}
SearchScopes: HKLM-x32 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_40_csp_tuto16_15_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0AtB0E0DyCyE0EyDyE0C0AtN0D0Tzu0StCyByEtAtN1L2XzutAtFtByEtFtCtBtFyDtBtN1L1Czu1M1Q1CtByCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyDyE0EzyyC0D0BzztGtByD0DtBtG0D0AyBtBtGyByD0AtDtG0FyEyEzytA0CyC0A0E0DyBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0D0B0DyE0CtGyCyEyE0EtGyE0EyCyCtGzz0FyEyCtGzz0C0F0D0C0A0AtAyBtCyC0F2QtN0A0LzuyE%26cr%3D2015740548%26a%3Dhdr_s_16_40_csp_tuto16_15_45%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3981257355-1316023933-2976050601-1001 -> DefaultScope {859237F1-407C-41A0-B65A-327932F02E93} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_40_csp_tuto16_15_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0AtB0E0DyCyE0EyDyE0C0AtN0D0Tzu0StCyByEtAtN1L2XzutAtFtByEtFtCtBtFyDtBtN1L1Czu1M1Q1CtByCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyDyE0EzyyC0D0BzztGtByD0DtBtG0D0AyBtBtGyByD0AtDtG0FyEyEzytA0CyC0A0E0DyBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0D0B0DyE0CtGyCyEyE0EtGyE0EyCyCtGzz0FyEyCtGzz0C0F0D0C0A0AtAyBtCyC0F2QtN0A0LzuyE%26cr%3D2015740548%26a%3Dhdr_s_16_40_csp_tuto16_15_45%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3981257355-1316023933-2976050601-1001 -> {859237F1-407C-41A0-B65A-327932F02E93} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_40_csp_tuto16_15_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0AtB0E0DyCyE0EyDyE0C0AtN0D0Tzu0StCyByEtAtN1L2XzutAtFtByEtFtCtBtFyDtBtN1L1Czu1M1Q1CtByCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyDyE0EzyyC0D0BzztGtByD0DtBtG0D0AyBtBtGyByD0AtDtG0FyEyEzytA0CyC0A0E0DyBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytC0D0B0DyE0CtGyCyEyE0EtGyE0EyCyCtGzz0FyEyCtGzz0C0F0D0C0A0AtAyBtCyC0F2QtN0A0LzuyE%26cr%3D2015740548%26a%3Dhdr_s_16_40_csp_tuto16_15_45%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3981257355-1316023933-2976050601-1001 -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL =
SearchScopes: HKU\S-1-5-21-3981257355-1316023933-2976050601-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-3981257355-1316023933-2976050601-1001 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=19_25050030005_52.15.25.664_u_ds&p={searchTerms}
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll [2016-11-18] (Intel Corporation -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-11-18] (Intel Corporation -> McAfee, Inc.)
IE trusted site: HKU\S-1-5-21-3981257355-1316023933-2976050601-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3981257355-1316023933-2976050601-1001\...\aeriagames.com -> hxxp://aeriagames.com
HKU\S-1-5-21-3981257355-1316023933-2976050601-1001\...\StartupApproved\Run: => "Chromium"
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-12-05] (Intel(R) Driver & Support Assistant -> Intel)
HKU\S-1-5-21-3981257355-1316023933-2976050601-1001\...\Run: [GoogleChromeAutoLaunch_36D958CB948C2592EBA064225EF5DB97] => "C:\Users\J\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-3981257355-1316023933-2976050601-1001\...\Run: [Chromium] => "c:\users\j\appdata\local\chromium\application\chrome.exe" --profile-directory="Default" --auto-launch-at-startup --restore-last-session
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {25C0DE1A-0897-45E2-A510-96C8F5CB64A7} - System32\Tasks\Cassiopesa tona => "wscript.exe" "C:\ProgramData\{1221FAE2-42A3-2B64-F325-5BE623A78868}\2.0.1.9\cele.txt" "433a2f50726f6772616d446174612f7b31323231464145322d343241332d324236342d463332352d3542453632334137383836387d2f322e302e312e392f746f6e612e646c6c" "687474703a2f2f73616f2e63737062696e742e636f6d2f" "--IsErIk" "//E:jscript" <==== ATTENTION
C:\ProgramData\{1221FAE2-42A3-2B64-F325-5BE623A78868}
Task: {3AD262CB-B4AD-4B9D-A947-2D36EB2DF998} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [724600 2016-10-11] (Intel Corporation -> McAfee, Inc.)
Task: {6E272976-C4F5-4413-A30C-7010CD176BCA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
C:\Program Files\Common Files\AVAST Software
Task: {A2CED085-F100-48BB-A66E-245AC43501F9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\Platform\McAMTaskAgent.exe [906360 2016-11-09] (Intel Corporation -> McAfee, Inc.)
Task: {BF9DC4B4-0718-4400-BDC0-045A9000E91D} - \McAfee\McAfee Idle Detection Task -> Pas de fichier <==== ATTENTION
Task: C:\WINDOWS\Tasks\{6A869A55-05D3-F2CD-309A-3949C17C2C31}.job => C:\Users\J\AppData\Local\{74FE4~1\helper.exe <==== ATTENTION
Edge HomePage: Default -> hxxps://www.google.fr/webhp?source=search_app&gfe_rd=cr&ei=Uiw5VtDULZSx8wexm4GgBg&gws_rd=ssl
Edge StartupUrls: Default -> "hxxps://fr.search.yahoo.com/yhs/web?hspart=arh&hsimp=yhs-001&type=zxy_9bb0772cccb3f6718f¶m1=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%3D%3D¶m2=NaRcMGZcMWJ9"
FF SearchPlugin: C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\ljvbnubo.default\searchplugins\bing-lavasoft-ff59.xml [2019-04-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-01-20] [] [non signé]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [2016-11-18] (Intel Corporation -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-11] (Oracle America, Inc. -> Oracle Corporation)
CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj]
CHR HKU\S-1-5-21-3981257355-1316023933-2976050601-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj]
CHR HKU\S-1-5-21-3981257355-1316023933-2976050601-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKU\S-1-5-21-3981257355-1316023933-2976050601-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcjjaajflhellmcfcecojihhmdbjmmlm]
CHR HKLM-x32\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
C:\WINDOWS\system32\default_error_stack*.txt
cmd: md C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
emptytemp:
end::
