Edited on 16 August 2022

start::
closeprocesses:
createrestorepoint:
virustotal: C:\Users\quentin123\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abacbbpeedfoecmhlbgbaobhmdmkclkb
HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (LENOVO -> Lenovo Corporation)
HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (LENOVO -> Lenovo Corporation)
HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (LENOVO -> Lenovo Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2607165618-564694558-2456799905-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2607165618-564694558-2456799905-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0270082F-AB18-4F3B-9BFF-5E0208488702} - \WPD\SqmUpload_S-1-5-21-2607165618-564694558-2456799905-1001 -> Pas de fichier <==== ATTENTION
Task: {1A982235-44D8-4DC9-80D9-2E8F4A87C31A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {35F9B8CA-D5AF-42F0-B0F1-292181A14966} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {371F2365-2543-4BD7-A3E7-59DD471659FA} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {37C84BA6-D986-4EA6-9399-E32D79D29167} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {A1E5A909-069F-427B-A951-4CB544C2CF9C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {B535582D-E6EB-49D9-B411-3B425DCDD342} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
C:\WINDOWS\SysWOW64\Macromed
Task: {B8332F9D-63A8-48FB-8188-E6F05FCD8FA8} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (Pas de fichier)
Task: {C4ADE362-5AFB-46CA-B27F-91264E021C5C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {F38C050C-2FF8-4A0D-8E02-8D42F436AF0D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
AutoConfigURL: [S-1-5-21-2607165618-564694558-2456799905-1001] => hxxp://webfastaccess.com/wpad.dat?bb1d593dd5da3f1b1593926390dfab7134113398 <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
C:\Users\quentin123\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abacbbpeedfoecmhlbgbaobhmdmkclkb
FF SearchPlugin: C:\Users\quentin123\AppData\Roaming\Mozilla\Firefox\Profiles\6wet37m5.default\searchplugins\bing-lavasoft.xml [2017-05-11]
FF SearchPlugin: C:\Users\quentin123\AppData\Roaming\Mozilla\Firefox\Profiles\6wet37m5.default\searchplugins\McSiteAdvisor.xml [2017-07-17]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Pas de fichier]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Pas de fichier]
CHR Notifications: Default -> hxxps://echantillonsclub.onesignal.com; hxxps://messages.google.com; hxxps://openload.co; hxxps://streamingfilm.cc; hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxps://fr.yahoo.com/?fr=hp-avast&type=avastbcl","hxxp://www.google.com/","hxxps://www.google.com/","hxxp://www.nav-fr.com/"
2019-02-27 23:25 - 2019-02-27 23:25 - 000000000 _____ () C:\Users\quentin123\AppData\Local\{1F45E41F-284F-4C9C-BAF4-B9A375BB7106}
2019-02-09 11:05 - 2019-02-09 11:05 - 000000000 _____ () C:\Users\quentin123\AppData\Local\{3DBF6A91-AFA5-4E43-82A6-9F423FF59F6B}
2019-01-13 08:49 - 2019-01-13 08:49 - 000000000 _____ () C:\Users\quentin123\AppData\Local\{91718C74-A0B9-420D-970A-0E8BC5C43393}
2019-01-13 08:49 - 2019-01-13 08:49 - 000000000 _____ () C:\Users\quentin123\AppData\Local\{E0CCC5B3-AEE4-4276-BC18-C17EB1355003}
2019-02-11 03:41 - 2019-02-11 03:41 - 000000000 _____ () C:\Users\quentin123\AppData\Local\{EC92271A-E9F6-455B-A976-7F05BA7A5918}
2019-02-28 23:25 - 2019-02-28 23:25 - 000000000 _____ () C:\Users\quentin123\AppData\Local\{F5CE89B5-FF54-4B95-AB09-AB70ECF2BB01}
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{23066764-9BDD-4FBD-8B1F-F4547CF2684F}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{49E0BE0A-39E0-4932-B7BE-F249D56ACD31}\InprocServer32 -> csp16.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{8189A132-6745-4DF3-8BE3-4F6C3C05B96C}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.36.103\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.36.93\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe /Automation => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2607165618-564694558-2456799905-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\quentin123\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => Pas de fichier
HKU\S-1-5-21-2607165618-564694558-2456799905-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nav-fr.com/
SearchScopes: HKLM -> DefaultScope {218EDDAE-E76A-40E1-9065-DB36C5A435BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope {218EDDAE-E76A-40E1-9065-DB36C5A435BF} URL =
SearchScopes: HKU\S-1-5-21-2607165618-564694558-2456799905-1001 -> DefaultScope {B32397E8-0FA0-4C88-9337-C92E04FED85E} URL = hxxp://www.nav-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2607165618-564694558-2456799905-1001 -> {7E973E23-E09D-41D2-958E-E77AF94332D6} URL = hxxp://q.search-story.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2607165618-564694558-2456799905-1001 -> {B32397E8-0FA0-4C88-9337-C92E04FED85E} URL = hxxp://www.nav-fr.com/search?q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-05-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-05-02] (Oracle America, Inc. -> Oracle Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Pas de fichier
IE trusted site: HKU\S-1-5-21-2607165618-564694558-2456799905-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "LMCSSTART2"
HKLM\...\StartupApproved\Run: => "LMCSSTART1"
HKLM\...\StartupApproved\Run: => "LMCSSTART3"
HKU\S-1-5-21-2607165618-564694558-2456799905-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-2607165618-564694558-2456799905-1001\...\StartupApproved\Run: => "Web Companion"
cmd: netsh advfirewall reset
emptytemp:
end::
