start:: SystemRestore:...

Édité le 29 janvier 2022
Télécharger | Reposter | Largeur fixe

start::
SystemRestore: on
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-2014061092-255564908-1934616328-1000\...\Run: [RocketDock] => "C:\Program Files (x86)\RocketDock\RocketDock.exe" (Pas de fichier)
HKU\S-1-5-21-2014061092-255564908-1934616328-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe
HKU\S-1-5-21-2014061092-255564908-1934616328-1000\...\Run: [GoogleContactSync] => "C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe" (Pas de fichier)
HKU\S-1-5-21-2014061092-255564908-1934616328-1000\...\Run: [OV3_Monitor] => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe" -NoStart (Pas de fichier)
HKU\S-1-5-21-2014061092-255564908-1934616328-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe
HKU\S-1-5-21-2014061092-255564908-1934616328-1003\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe
HKU\S-1-5-21-2014061092-255564908-1934616328-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe
Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\peerblock.exe - Raccourci.lnk
ShortcutTarget: peerblock.exe - Raccourci.lnk -> C:\Program Files\PeerBlock\peerblock.exe (Pas de fichier)
Task: {70F48057-DE08-4175-95E3-4D805E5AC60D} - System32\Tasks\ASUS\i-Setup215354 => C:\Windows\Install\AsusSetup.exe -a -reboot -log215354 (Pas de fichier)
Task: {B09BDEF0-95AC-4F70-A57A-C4B9C3778F99} - System32\Tasks\CCleanerSkipUAC - Home => C:\Program Files\CCleaner\CCleaner.exe
Task: {C3353D8C-2091-4CF3-9004-D1CA7FCBF224} - System32\Tasks\Microsoft\Windows\Time Synchronization\ViewUtcTime => C:\Users\Home\AppData\Roaming\\timerutc\\utct.exe -st -tu 4 (Pas de fichier)
CHR HKU\S-1-5-21-2014061092-255564908-1934616328-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Home\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <non trouvé(e)>
CHR HKU\S-1-5-21-2014061092-255564908-1934616328-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
HKLM\SYSTEM\CurrentControlSet\Services\avgSP <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Services\avgMonFlt <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Services\avgSnx <==== ATTENTION
S2 MBAMInstallerService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
2022-01-29 11:36 - 2022-01-28 12:12 - 000336824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2022-01-28 12:51 - 2022-01-28 12:51 - 000000000 ____D E:\users\Vincent\AppData\Local\AVG
2022-01-28 12:15 - 2022-01-28 12:15 - 000000000 ____D E:\users\Vincent\AppData\Roaming\AVG
2022-01-28 12:12 - 2022-01-28 12:12 - 000853944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw6c4fc9396cfc056c.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000545312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw28900a6a1ee96660.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000369288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw6490d6a168c8e0f7.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000318904 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswdbde0096346e66fa.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000253064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswa39e3109b6ef1284.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000222248 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw0b88688f2e7249d3.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000215576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswfb8b66ee5ad25a51.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000186424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw09b4277389912da3.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000109056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswa8dfadc229f5712d.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000100488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw8a6cb88d08a7480c.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000084120 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswdcce82752490e8c5.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000042552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\aswc63426d7931fdfbc.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000036920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw7ab3e1db3b33d18f.tmp
2022-01-28 12:12 - 2022-01-28 12:12 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-01-28 12:12 - 2022-01-28 12:12 - 000000000 ____D C:\Program Files\AVG
2022-01-28 12:11 - 2022-01-28 12:14 - 000000000 ____D C:\ProgramData\AVG
2022-01-28 12:03 - 2022-01-28 12:03 - 000224072 _____ (AVG Technologies CZ, s.r.o.) E:\users\Vincent\Downloads\avg_antivirus_free_setup.exe
2022-01-18 22:57 - 2022-01-18 22:57 - 000000000 ____D E:\users\Vincent\Documents\TotalAV
2022-01-18 22:56 - 2022-01-28 12:05 - 000000000 ____D C:\ProgramData\TotalAV
2022-01-18 22:56 - 2022-01-18 22:56 - 000000000 ____D C:\ProgramData\SecuritySuite
2022-01-18 21:40 - 2022-01-18 21:40 - 000000000 ____D C:\Windows\system32\gf2engine
2022-01-18 21:39 - 2022-01-18 22:50 - 000000000 ____D C:\ProgramData\Avast Software
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2014061092-255564908-1934616328-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2014061092-255564908-1934616328-1003 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2014061092-255564908-1934616328-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKU\S-1-5-21-2014061092-255564908-1934616328-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
MSCONFIG\Services: MBAMInstallerService => 2
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\Services: WsAppService => 2
EmptyTemp:
cmd: ipconfig /flushdns
cmd: sfc /scannow
cmd: netsh winsock reset
end::