Édité le 4 juillet 2021
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
SearchScopes: HKU\S-1-5-21-1785135278-2820057349-1625525082-1001 -> DefaultScope {3415D4F4-EA0D-4C0B-B912-BB5CAAE4CA76} URL =
SearchScopes: HKU\S-1-5-21-1785135278-2820057349-1625525082-1001 -> {3415D4F4-EA0D-4C0B-B912-BB5CAAE4CA76} URL =
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Pas de fichier
IE trusted site: HKU\S-1-5-21-1785135278-2820057349-1625525082-1001\...\amazon.fr -> hxxps://amazon.fr
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SMART Board Service"
HKLM\...\StartupApproved\Run32: => "SMART Board Tools"
HKLM\...\StartupApproved\Run32: => "SMART Ink"
HKU\S-1-5-21-1785135278-2820057349-1625525082-1001\...\StartupApproved\StartupFolder: => "Alertes de surveillance de l'encre - HP Photosmart 6520 series (réseau).lnk"
HKU\S-1-5-21-1785135278-2820057349-1625525082-1001\...\StartupApproved\Run: => "HP ENVY 5530 series (NET)"
HKU\S-1-5-21-1785135278-2820057349-1625525082-1001\...\StartupApproved\Run: => "HP Photosmart 6520 series (NET)"
HKU\S-1-5-21-1785135278-2820057349-1625525082-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
FirewallRules: [{3C2C53B6-E8E1-4E28-9417-E9EC2D793987}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => Pas de fichier
FirewallRules: [{90F8E26B-FFAC-41AA-9EB1-FED13BC6A443}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => Pas de fichier
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
C:\Program Files\AVAST Software
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-25] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6782.183\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {21F25AAC-6BB8-422F-AB94-75666FDAFE49} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
C:\Program Files\Common Files\Avast Software
Task: {22D9240C-07AC-4AD2-9158-92CE22A30201} - System32\Tasks\ShouldIRemoveIt => C:\Users\marin\AppData\Roaming\Reason\Should I Remove It\ShouldIRemoveIt.exe [445760 2013-02-08] (Reason Software Company Inc. -> Reason Software Company Inc.)
C:\Users\marin\AppData\Roaming\Reason\Should I Remove It
Task: {2E5FB71F-65AD-4D61-85DE-D07EFCD3E33C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {6FE5A916-E9A8-4E76-977B-7DC809D97EE6} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {B8AFD2C6-57C1-4D88-A2B6-B68B22D0A8A0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\duewl98r.default\Extensions\sp@avast.com.xpi [2019-02-14]
FF Extension: (Avast Online Security) - C:\Users\marin\AppData\Roaming\Mozilla\Firefox\Profiles\duewl98r.default\Extensions\wrc@avast.com.xpi [2018-07-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
2021-07-03 20:14 - 2021-07-03 20:14 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-07-03 20:09 - 2021-07-03 20:09 - 012210760 _____ (AVAST Software) C:\Users\marin\Downloads\avastclear.exe
2021-07-03 19:51 - 2021-07-03 19:51 - 000363370 _____ C:\Users\Public\Desktop\ZHPDiag.txt
2021-07-03 19:40 - 2021-07-03 19:41 - 000000869 _____ C:\Users\marin\Desktop\ZHPDiag.lnk
2021-07-03 19:40 - 2021-07-03 19:40 - 003277976 _____ (Nicolas Coolman) C:\Users\marin\Downloads\ZHPDiag3.exe
2021-07-03 19:00 - 2021-07-03 19:00 - 000012092 _____ C:\Users\marin\Desktop\ZHPCleaner (R).html
2021-07-03 18:55 - 2021-07-03 18:55 - 000011666 _____ C:\Users\marin\Desktop\ZHPCleaner (S).html
2021-07-03 18:55 - 2021-07-03 18:55 - 000004905 _____ C:\Users\Public\Desktop\ZHPCleaner (S).txt
2021-07-03 18:39 - 2021-07-03 19:51 - 000000000 ____D C:\Users\marin\AppData\Roaming\ZHP
2021-07-03 18:39 - 2021-07-03 19:40 - 000000000 ____D C:\Users\marin\AppData\Local\ZHP
2021-07-03 18:39 - 2021-07-03 18:42 - 000000879 _____ C:\Users\marin\Desktop\ZHPCleaner.lnk
2021-07-03 18:39 - 2021-07-03 18:39 - 003258008 _____ (Nicolas Coolman) C:\Users\marin\Downloads\ZHPCleaner.exe
2021-07-03 17:55 - 2021-07-03 17:55 - 008553680 _____ (Malwarebytes) C:\Users\marin\Downloads\adwcleaner_8.3.0.exe
2021-07-03 17:47 - 2021-07-03 17:47 - 000004504 _____ C:\WINDOWS\system32\Tasks\ShouldIRemoveIt
2021-07-03 17:47 - 2021-07-03 17:47 - 000000000 ____D C:\Users\marin\AppData\Roaming\Reason
2021-07-03 17:47 - 2021-07-03 17:47 - 000000000 ____D C:\Users\marin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It
2021-07-03 17:45 - 2021-07-03 17:45 - 001222464 _____ (Reason Software Company Inc.) C:\Users\marin\Downloads\should-i-remove-it-1-0-4-en-win.exe
2021-07-03 16:04 - 2021-07-03 20:55 - 000000000 ____D C:\Program Files\CCleaner
2021-07-03 16:04 - 2021-07-03 16:04 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-03 16:04 - 2021-07-03 16:04 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-07-03 16:04 - 2021-07-03 16:04 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-07-03 16:04 - 2021-07-03 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-07-03 16:02 - 2021-07-03 16:02 - 035958288 _____ (Piriform Software Ltd) C:\Users\marin\Downloads\ccsetup582.exe
2021-07-03 20:19 - 2018-04-11 19:11 - 000000000 ____D C:\Users\marin\AppData\Local\AVAST Software
2021-07-03 20:11 - 2016-11-27 17:01 - 000000000 ____D C:\ProgramData\AVAST Software
2021-07-03 18:14 - 2021-01-16 21:42 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-07-02 16:49 - 2021-01-16 21:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
EmptyTemp:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh winsock reset
cmd: sfc /scannow
end::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.