Start::
SystemRestore: on
CloseProcesses:
CreateRestorePoint:
Removeproxy:
Hosts:
CustomCLSID: HKU\S-1-5-21-1426486088-3157828713-298550685-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {50988F06-9468-D082-501F-E9A185889A47} => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1426486088-3157828713-298550685-1001_Classes\CLSID\{DD0822EE-9A03-4BDC-B947-4B99B97D5850}\InprocServer32 -> {585C8912-9468-D082-4419-2DA985889A47} => Pas de fichier
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_gcmhlmapohffdglflokbgknlknnmogbb\The QR Code Generator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gcmhlmapohffdglflokbgknlknnmogbb
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_coobgpohoikkiipiblmjeljniedjpjpf\Recherche Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=coobgpohoikkiipiblmjeljniedjpjpf
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ahfgeienlihckogmohjhadlkjgocpleb\Web Store.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ahfgeienlihckogmohjhadlkjgocpleb
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chromium\Google Keep – Notes et listes.lnk -> C:\Users\PIERRE-DAIG\AppData\Local\chromium\Application\chrome.exe (The Chromium Authors) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Agenda.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ejjicmeblgpmajnghnpcppodonldlgfn
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Drive (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=apdfllckaahabafndbhieahigkjlhalf
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Duo.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=imgohncinckhbblnlmaedahepnnpmdma
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Keep.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
ShortcutWithArgument: C:\Users\PIERRE-DAIG\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Agenda.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ejjicmeblgpmajnghnpcppodonldlgfn
AlternateDataStreams: C:\Users\PIERRE-DAIG:files_layoutmode [3393]
AlternateDataStreams: C:\ProgramData\Temp:5F64C164 [146]
AlternateDataStreams: C:\Users\PIERRE-DAIG\inforad:files_layoutmode [3402]
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-1426486088-3157828713-298550685-1001 -> Pas de nom - {724D43A0-0D85-11D4-9908-00400523E39A} - Pas de fichier
HKU\S-1-5-21-1426486088-3157828713-298550685-1001\...\StartupApproved\Run: => "DriverMax_RESTART"
HKU\S-1-5-21-1426486088-3157828713-298550685-1001\...\StartupApproved\Run: => "Report"
HKU\S-1-5-21-1426486088-3157828713-298550685-1001\...\StartupApproved\Run: => "Application Restart #1"
HKU\S-1-5-21-1426486088-3157828713-298550685-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1426486088-3157828713-298550685-1001\...\StartupApproved\Run: => "7084A234F2896904C0FE7AF6C990F54B5FBD2672._service_run"
HKU\S-1-5-21-1426486088-3157828713-298550685-1001\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp (Pas de fichier)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe (Pas de fichier)
HKU\S-1-5-21-1426486088-3157828713-298550685-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\PIERRE-DAIG\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {005F6593-88EF-4B70-8434-70211097F7B9} - System32\Tasks\Microsoft\Windows\orangeinside => C:\Users\PIERRE-DAIG\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe [1974064 2021-11-10] (Orange -> Orange)
Task: {05FBEEA6-D70E-4093-B7B4-F23BEF0E8428} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(1): Net -> stop "Orange Update Core Service"
Task: {05FBEEA6-D70E-4093-B7B4-F23BEF0E8428} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(2): Net -> start "Orange Update Core Service"
Task: {09762297-16B8-4062-992A-1B135F449497} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {439B6DE1-58F7-48A1-AD8B-5B1EBC6CD269} - \Microsoft\XblGameSave\XblGameSaveTask\Logon -> Pas de fichier <==== ATTENTION
Task: {4A4B78D8-020D-4AB7-8827-F89FF7113A08} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {50B41F82-5C68-4376-8ED6-792389F1C40C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {5B61DBA3-8260-4061-AE39-6F9267FAFAC2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {6C0D9967-CD8A-4636-806A-C46992D7C871} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_AcquireFOD => C:\WINDOWS\System32\ShellUpdateAgentTask.exe -AcquireFOD (Pas de fichier)
Task: {71509BA9-E999-493C-8018-9E4520B1DCB5} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_RemoveFOD => C:\WINDOWS\System32\ShellUpdateAgentTask.exe -RemoveFOD (Pas de fichier)
Task: {769423E4-C253-415B-8695-57B907B4DDB3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {7A5D58DD-DFDF-4B07-9412-00AB326C9AC5} - System32\Tasks\Microsoft\Windows\Shell\ShellLogonTask_SetCBSEndOfLife => C:\WINDOWS\System32\ShellLogonTask.exe -SetCBSEndOfLife (Pas de fichier)
Task: {7F8E18D9-EE8F-4F6C-BE30-652861B4732E} - System32\Tasks\Run RoboForm Process => C:\Program Files (x86)\Siber Systems\AI RoboForm\Identities.exe -goodsync /sync (Pas de fichier)
Task: {81C6739B-8E7E-40C8-9698-276150B7729E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {825305B3-AF8F-44AF-BDF0-985584E723B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {911E1301-E697-4D27-9272-B7E54A8C3762} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {9156C000-DCDD-4EA5-9361-B11B3695DB49} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Pas de fichier)
Task: {9389C7E1-4B45-4DCF-AE5D-B3C16E697959} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {A8FA3F05-9565-49C5-87B8-3E7741CCE07E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {B1A02878-BF22-494C-9E2F-9F51C60FFF43} - System32\Tasks\{1A31C424-610E-4C9D-BF21-513C56DFC222} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\PIERRE-DAIG\AppData\Local\Temp\Temp1_Microsoft_Money_2005_crack_supergege.zip\Crack.exe <==== ATTENTION
Task: {D5BB85E3-2FB5-4794-A520-ECF28AE03295} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {DCB6B88A-7EDE-48DD-80A7-832385E1711A} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier)
Task: {F80230D5-1491-4CE1-92BA-F9C1E336DFF5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [non trouvé(e)]
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> EdgeExtension_DashlaneDashlaneEdgeExtension_ks9qrcqmdm1bm => C:\Program Files\WindowsApps\Dashlane.DashlaneEdgeExtension_6.2029.3.0_neutral__ks9qrcqmdm1bm [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> NewEdgeAutofill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc]
CHR HKLM-x32\...\Chrome\Extension: [onghofjobpgcdeeifjfbcfepkchnenoh]
CHR HKU\S-1-5-21-1426486088-3157828713-298550685-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1426486088-3157828713-298550685-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\PIERRE-DAIG\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-11-19]
CHR HKU\S-1-5-21-1426486088-3157828713-298550685-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1426486088-3157828713-298550685-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\PIERRE-DAIG\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-11-19]
CHR HKU\S-1-5-21-1426486088-3157828713-298550685-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
S3 MpKsl81a812bd; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{27885AB9-9CF7-44CC-B912-AFAC6E387215}\MpKslDrv.sys [X]
U3 Sense; pas de ImagePath
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
StartRegEdit:
Windows Registry Editor Version 5.00
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\*.update]
"http"=dword:00000002
"https"=dword:00000002
EndRegEdit:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
cmd: netsh winsock reset
Emptytemp:
End::