Posted on 28 February 2021

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
C:\Program Files\Trend Micro
ContextMenuHandlers1: [CLVDShellExt] -> [CC]{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Pas de fichier
ContextMenuHandlers1: [Cover Designer] -> [CC]{73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => -> Pas de fichier
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Pas de fichier
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Pas de fichier
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> [CC]{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Pas de fichier
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
AlternateDataStreams: C:\Users\lafit\Desktop\Guitare:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\lafit\Desktop\Guitare:com.dropbox.attrs [54]
SearchScopes: HKU\S-1-5-21-2023168162-640536157-1414434965-1001 -> DefaultScope {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL =
SearchScopes: HKU\S-1-5-21-2023168162-640536157-1414434965-1001 -> {7F1BCEFC-7817-4C83-9DE2-1C9256F5C181} URL =
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2020-11-15] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> Pas de fichier
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2020-11-15] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> Pas de fichier
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2020-11-15] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2020-11-15] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - Pas de fichier
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2020-11-15] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2020-11-15] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
IE trusted site: HKU\S-1-5-21-2023168162-640536157-1414434965-1001\...\localhost -> localhost
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213696 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1233328 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {707F8D04-C5C2-4806-8167-8BE5CFC86FAF} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: C:\WINDOWS\Tasks\{67D60A95-D2A6-FD80-EE94-1AADE483E6B2}.job => C:\Users\lafit\AppData\Roaming\{9127A~1\updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Edge StartupUrls: Default -> "hxxps://fr.search.yahoo.com/yhs/web?hspart=arh&hsimp=yhs-001&type=zxy_96f759a727044979fa&param1=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&param2=Mat5LWBaLWV4"
Edge DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_96f759a727044979fa&param1=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&param2=NGZ4MWt6MqVcLZ%3D%3D&p={searchTerms}
Edge DefaultSearchKeyword: Default -> fr.search.yahoo.com
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1141680 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S2 TmWscSvc; C:\Program Files\Trend Micro\Titanium\TmWscSvc\TmWscSvc.exe [401448 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [74760 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [147672 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [39880 2020-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R1 tmeyes; C:\WINDOWS\system32\DRIVERS\tmeyes.sys [687208 2020-09-03] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [562296 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [159848 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [137112 2020-07-29] (Trend Micro, Inc. -> Trend Micro, Inc.)
2021-02-28 17:27 - 2021-02-28 17:28 - 000003104 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2021-02-28 17:27 - 2021-02-28 17:28 - 000002218 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-28 17:27 - 2021-02-28 17:27 - 000003408 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2021-02-28 17:27 - 2021-02-28 17:27 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-28 17:27 - 2021-02-28 17:27 - 000002622 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2021-02-28 17:27 - 2021-02-28 17:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-02-28 17:02 - 2020-12-01 15:09 - 000000000 ____D C:\Users\lafit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2021-02-28 17:02 - 2016-10-20 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-02-28 14:16 - 2020-12-01 15:09 - 000002332 _____ C:\Users\lafit\Desktop\Trend Micro Internet Security.lnk
2021-02-28 10:39 - 2017-07-21 17:00 - 000000000 ____D C:\ProgramData\Trend Micro
2016-10-20 09:18 - 2016-10-20 09:18 - 000000000 _____ () C:\Users\lafit\AppData\Local\{84A10327-476A-4EE5-85E7-723DEA58095A}
2016-10-20 16:48 - 2016-10-20 16:48 - 000000000 _____ () C:\Users\lafit\AppData\Local\{F5597966-CCB7-4921-A57A-F0E7DE37DE3B}
EmptyTemp:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh winsock reset
end::
