start:: CreateRestorePoint:... - TextUp

Posté le 4 mai
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-851647062-3894540203-1184168997-1001\...\Run: [MicrosoftEdgeAutoLaunch_5FE355E501C3C936293EF2FD382B4172] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139976 2023-05-17] (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {119B6BB0-DE78-4FFE-B983-4E757192E442} - System32\Tasks\Opera scheduled Autoupdate 1710416438 => C:\Users\jean-\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (Pas de fichier)
Task: {326CBC48-873B-424C-B6B8-67F7A42C4A00} - System32\Tasks\UniversalUpdater => C:\Program Files (x86)\Universal Browser Solutions\Universal Browser\UniversalUpdater.exe (Pas de fichier)
Edge StartupUrls: Default -> "hxxp://isearch.avg.com/?cid={A4891A89-85A6-4052-BCB9-4172C9ACE2E4}&mid=18fcce46e1ea47d08316d14132fc5e22-ea4ed82c41d30fea5db33a03671829074dc02544&lang=fr&ds=od011&pr=sa&d=2012-06-06%2015:03:45&v=11.1.0.7&sap=hp","hxxp://searchfunmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtD0DzzzzzytAtDyD0BtAtA0D0C0CtN0D0Tzu0CtBzzyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1052864786","hxxp://www.google.com/","hxxp://search.conduit.com/?CUI=UN31148769174431021&ctid=CT3128284&SearchSource=48","hxxps://www.google.com/","hxxp://www.google.com/intl/fr/","hxxp://www.google.com/","hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=3C391E85DE72C06D&cat=delta&dlb=2&affID=123639&tsp=5000","hxxp://start.mysearchdial.com/?f=1&a=dsites1202&cd=2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyBtB0CtDyC0D0C0C0AtDtN0D0Tzu0SyBtByCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1394391385&ir=","hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-01-13&ent=hp&u=1E6E599F6650523C6D166552D3D736A7","hxxp://www.sweet-page.com/?type=hp&ts=1389619641&from=vit&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.mystartsearch.com/?type=hp&ts=1412962531&from=epom2&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxp://www.sweet-page.com/?type=hp&ts=1415043225&from=cor&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxps://www.google.com/?trackid=sp-006","hxxp://www.istartsurf.com/?type=hp&ts=1442005480&z=f26e5e60056a896585d731ag8zaz0o0edebwbcdobm&from=face&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxp://www.oursurfing.com/?type=hp&ts=1443004388&z=b81b17bd3f119002fa06390g9zbzbc9e0e9zecdb6b&from=2sq&uid=hitachixhts541010a9e680_j8400076gx4y9cgx4y9cx","hxxp://www.omniboxes.com/?type=hp&ts=1443014799&z=4e736ddb332c0786da2237ag5z2z6cfe7gez1m2tbb&from=amt&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxp://www.istartsurf.com/?type=hp&ts=1443024423&z=4f204206f8bd8d91c13e2a1gbz7z2cbedo3z4obzcc&from=face&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxp://www.oursurfing.com/?type=hp&ts=1443100855&z=a1487732cf49c550d6c9476gfz3z7c9g9ede8b4wdw&from=amt&uid=hitachixhts541010a9e680_j8400076gx4y9cgx4y9cx","hxxps://encrypted.google.com/"
Edge Extension: (DigitalisPurpurea) - C:\Users\jean-\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eclfgnpelmafmfefjbnoieblamelfhdp [2024-04-29] [UpdateUrl:hxxps://crxupdate.com/crx/updates.php] <==== ATTENTION
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
CHR StartupUrls: Default -> "hxxp://isearch.avg.com/?cid={A4891A89-85A6-4052-BCB9-4172C9ACE2E4}&mid=18fcce46e1ea47d08316d14132fc5e22-ea4ed82c41d30fea5db33a03671829074dc02544&lang=fr&ds=od011&pr=sa&d=2012-06-06%2015:03:45&v=11.1.0.7&sap=hp","hxxp://searchfunmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtD0DzzzzzytAtDyD0BtAtA0D0C0CtN0D0Tzu0CtBzzyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1052864786","hxxp://www.google.com/","hxxp://search.conduit.com/?CUI=UN31148769174431021&ctid=CT3128284&SearchSource=48","hxxps://www.google.com/","hxxp://www.google.com/intl/fr/","","hxxp://www.google.com/","hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=3C391E85DE72C06D&cat=delta&dlb=2&affID=123639&tsp=5000","hxxp://start.mysearchdial.com/?f=1&a=dsites1202&cd=2XzuyEtN2Y1L1Qzu0D0CzzyD0D0EyBtB0CtDyC0D0C0C0AtDtN0D0Tzu0SyBtByCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1394391385&ir=","hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-01-13&ent=hp&u=1E6E599F6650523C6D166552D3D736A7","hxxp://www.sweet-page.com/?type=hp&ts=1389619641&from=vit&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.mystartsearch.com/?type=hp&ts=1412962531&from=epom2&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxp://www.sweet-page.com/?type=hp&ts=1415043225&from=cor&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxps://www.google.com/?trackid=sp-006","hxxp://www.istartsurf.com/?type=hp&ts=1442005480&z=f26e5e60056a896585d731ag8zaz0o0edebwbcdobm&from=face&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxp://www.oursurfing.com/?type=hp&ts=1443004388&z=b81b17bd3f119002fa06390g9zbzbc9e0e9zecdb6b&from=2sq&uid=hitachixhts541010a9e680_j8400076gx4y9cgx4y9cx","hxxp://www.omniboxes.com/?type=hp&ts=1443014799&z=4e736ddb332c0786da2237ag5z2z6cfe7gez1m2tbb&from=amt&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxp://www.istartsurf.com/?type=hp&ts=1443024423&z=4f204206f8bd8d91c13e2a1gbz7z2cbedo3z4obzcc&from=face&uid=HitachiXHTS541010A9E680_J8400076GX4Y9CGX4Y9CX","hxxp://www.oursurfing.com/?type=hp&ts=1443100855&z=a1487732cf49c550d6c9476gfz3z7c9g9ede8b4wdw&from=amt&uid=hitachixhts541010a9e680_j8400076gx4y9cgx4y9cx","hxxps://encrypted.google.com"
CHR Extension: (Online Security) - C:\Users\jean-\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2024-04-29]
CHR Extension: (Apps Helper) - C:\appsDDhelper [2024-05-02]
CHR HKU\S-1-5-21-851647062-3894540203-1184168997-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
2024-04-25 22:04 - 2024-04-26 19:40 - 000004462 _____ C:\WINDOWS\system32\Tasks\UniversalUpdater
2024-04-25 19:35 - 2024-04-25 19:40 - 000000000 ____D C:\Users\jean-\AppData\Roaming\AVG
2024-04-25 19:35 - 2024-04-25 19:40 - 000000000 ____D C:\Users\jean-\AppData\Local\AVG
2024-04-25 19:34 - 2024-04-25 19:33 - 000314816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\avgBoot.exe
2024-04-25 13:00 - 2024-04-25 13:00 - 000000000 ____D C:\ProgramData\Universal Browser Solutions
2024-04-25 19:40 - 2024-03-14 13:41 - 000000000 ____D C:\ProgramData\AVG
C:\Program Files\AVG

EmptyTemp:
end::

x

Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x

Télécharger le texte

Merci de choisir le format du fichier à télécharger.