Édité le 28 décembre 2021
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o (Pas de fichier)
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [Fichier non signé]
Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2021-12-27]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited -> eVenture Limited)
BootExecute: autocheck autochk * sdnclean64.exe
Task: {1E79E134-B637-4A58-B0ED-37F7B1999FFA} - \Driver Booster SkipUAC (Vincent) -> Pas de fichier <==== ATTENTION
Task: {270F989B-96C5-4E43-B606-6DC0667BD042} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1869008 2018-04-14] (AVAST Software s.r.o. -> AVAST Software)
C:\Program Files\Common Files\Avast Software
Task: {B7229D03-7A99-48DF-A770-EBC2F01BFC73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-10-13] (Piriform Ltd -> Piriform Ltd)
Task: {BB831325-B21F-423F-BFEB-B02D7925F875} - System32\Tasks\{9CF2CBB6-26F4-4F2B-842E-41F2B75A9FE3} => C:\Windows\system32\pcalua.exe -a C:\Users\Vincent\Desktop\Flash_Disinfector.exe -d C:\Users\Vincent\Desktop
ProxyServer: [S-1-5-21-3820741279-526290587-530586713-1003] => 41.205.36.88:80
FF user.js: detected! => C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\7r296jvo.default\user.js [2016-08-06]
FF Extension: (Protection Web Avira) - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\7r296jvo.default\Extensions\abs@avira.com.xpi [2018-01-09] [UpdateUrl:hxxps://download.avira.com/package/abs/firefox/update-webext.rdf]
FF Extension: (Cookie Import/Export) - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\7r296jvo.default\Extensions\jid1-sZ7aKDCe4A2prQ@jetpack.xpi [2018-01-09] []
FF Extension: (Adblock Plus) - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\7r296jvo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-01-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-3820741279-526290587-530586713-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
2021-12-27 18:13 - 2021-12-27 18:14 - 000000000 ____D C:\Users\Vincent\Desktop\KMSTOOL
2021-12-27 17:31 - 2021-12-27 17:31 - 023950056 _____ (Proton Technologies AG) C:\Users\Vincent\Desktop\ProtonVPN_win_v1.24.2 (1).exe
2021-12-27 17:12 - 2021-12-27 17:13 - 023950056 _____ (Proton Technologies AG) C:\Users\Vincent\Desktop\ProtonVPN_win_v1.24.2.exe
2021-12-27 11:13 - 2021-12-27 11:17 - 117279792 _____ (PortableApps.com) C:\Users\Vincent\Desktop\FirefoxPortable_95.0.2_English.paf.exe
2016-06-11 22:01 - 2016-06-11 22:01 - 002135856 _____ C:\Users\Vincent\Downloads\Adaware_Installer.exe
2017-09-02 16:50 - 2017-09-02 17:01 - 000047662 _____ C:\Users\Vincent\Downloads\adwcleaner_7.0.2.1.exe
2016-07-30 14:09 - 2016-07-30 14:10 - 001192377 _____ (Ant Software ) C:\Users\Vincent\Downloads\antrenamer2_install.exe
2016-05-12 22:41 - 2016-05-12 22:41 - 000829875 _____ (DiMXSoft ) C:\Users\Vincent\Downloads\desktop-lighter_desktop_lighter_1.4_anglais_226892.exe
2016-07-03 23:06 - 2016-07-03 23:06 - 000132597 _____ C:\Users\Vincent\Downloads\flash-disinfector-.exe
2016-01-15 22:21 - 2016-01-15 22:22 - 013458088 _____ C:\Users\Vincent\Downloads\MKLOL2.0.0.59.exe
2017-09-23 21:31 - 2017-09-23 21:31 - 001053510 _____ (highspheres.com ) C:\Users\Vincent\Downloads\pcchrono.exe
2016-01-02 21:35 - 2016-01-02 21:35 - 001534798 _____ (scrabblepro ) C:\Users\Vincent\Downloads\scrabbleproB.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-09-28] (Google Inc -> Google Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-09-28] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-09-28] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-09-28] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3820741279-526290587-530586713-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-09-28] (Google Inc -> Google Inc.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\1-se.com -> 1-se.com
0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com
HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk"
HKLM\...\StartupApproved\Run: => "MessageSCC"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "GTText"
HKLM\...\StartupApproved\Run32: => "HP Quick Launch"
HKLM\...\StartupApproved\Run32: => "BtTray"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "Advanced SystemCare 9"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "MK LOL"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "PeerBlock"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "TunnelBear"
HKU\S-1-5-21-3820741279-526290587-530586713-1003\...\StartupApproved\Run: => "SandboxieControl"
FirewallRules: [{D5F9F6E1-CA19-4F6A-B1D5-671169776B4B}] => (Block) %USERPROFILE%\Desktop\Multi Timer\MultiTimer.exe => Pas de fichier
FirewallRules: [TCP Query User{98CA7913-7DBB-4528-A5DD-A7961A0A18E0}C:\users\Vincent\desktop\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\users\Vincent\desktop\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Pas de fichier
FirewallRules: [UDP Query User{1EA6CAD9-64C6-4C36-90B4-82F6D7F0D042}C:\users\Vincent\desktop\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\users\Vincent\desktop\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Pas de fichier
FirewallRules: [TCP Query User{18246508-A6DF-45FA-B468-386EA847542E}C:\users\Vincent\desktop\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\users\Vincent\desktop\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Pas de fichier
FirewallRules: [UDP Query User{96D6986C-C7B6-4E0A-913F-436FC9E5B203}C:\users\Vincent\desktop\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\users\Vincent\desktop\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Pas de fichier
FirewallRules: [{90CD0540-D98C-49D9-890E-7285B682EC06}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B856719C-374F-4B54-B9B5-33DA287DBC8D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{E24497A6-5E07-4E38-B106-BD3C0FD7287A}C:\users\Vincent\desktop\nouveau dossier\programs\office 2013-2019 c2r install v6.3\files\bin\kmss.exe] => (Allow) C:\users\Vincent\desktop\nouveau dossier\programs\office 2013-2019 c2r install v6.3\files\bin\kmss.exe => Pas de fichier
FirewallRules: [UDP Query User{A98B2A26-CC84-434F-ABF7-6696097575D0}C:\users\Vincent\desktop\nouveau dossier\programs\office 2013-2019 c2r install v6.3\files\bin\kmss.exe] => (Allow) C:\users\Vincent\desktop\nouveau dossier\programs\office 2013-2019 c2r install v6.3\files\bin\kmss.exe => Pas de fichier
EmptyTemp:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh winsock reset
cmd: sfc /scannow
end::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.