cjoint


Document format: text/plain

Preview

Start::
CloseProcesses:
CreateRestorePoint:
CustomCLSID: HKU\S-1-5-21-2653654637-1825667986-682984672-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B110844F0336}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Pas de fichier
Task: {3678D7B0-61F2-40EE-A9AC-318F95FB6F4A} - System32\Tasks\App Explorer => C:\Users\FATIHA DJEBBARI\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2018-01-12] (SweetLabs, Inc) <==== ATTENTION
Task: {3CDF2539-4D21-4A50-AE4E-F615E0E28E00} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {8F25ABCB-1B10-4C72-8A35-E9C1F6141E34} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2018-01-08] (Byte Technologies LLC) <==== ATTENTION
Task: {922D4471-377B-4A24-930C-5BD70CF721D2} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {95FC366A-0795-4A86-8222-2B7A74A54765} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2016-10-07] (CyberLink)
Lenovo App Explorer (HKU\S-1-5-21-2653654637-1825667986-682984672-1000\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-21-2653654637-1825667986-682984672-1001\...\Host App Service) (Version: 0.273.2.539 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.10 - Lenovo)
Task: {3857C2F8-E7D3-44B7-820C-76A0A9B5A942} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e867e500-af0d-4811-8c06-e0af1728343a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-03-02] (Lenovo Group Limited)
Task: {7AF2BC5E-329D-4AC9-BA63-D2D79E927D98} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-03-02] (Lenovo Group Limited)
Task: {8430759D-2ADC-4003-B365-3B163DF610BA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\18631409-4c89-4edc-94d0-a9ce905d01c4 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-03-02] (Lenovo Group Limited)
Task: {922D4471-377B-4A24-930C-5BD70CF721D2} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {95FC366A-0795-4A86-8222-2B7A74A54765} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2016-10-07] (CyberLink)
Task: {A895F1DC-4025-467E-B0ED-28EE5A35C1D1} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-03-22] (Realtek Semiconductor)
Task: {C34CF4AF-5FAE-4CEB-8523-1E272169DCD1} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [2016-09-20] (CyberLink Corp.)
Task: {C7428C00-F3AC-4B67-AB9D-CA2A64345451} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {E36ED6C9-1EA3-4889-940C-C9C8DCA0361E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b4165593-b837-4603-b1d4-0ba75a71220a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-03-02] (Lenovo Group Limited)
Task: {EA9A8534-2B07-4A90-9706-86E7FFC107F3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6c202ad7-b086-4f3c-aa74-f5d4a26339e3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-03-02] (Lenovo Group Limited)
Task: {F6417065-6A14-4E8C-93C1-1F0328703999} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-03-22] (Realtek Semiconductor)
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 3.18.0.0 - Byte Technologies LLC) <==== ATTENTION
Task: {8F25ABCB-1B10-4C72-8A35-E9C1F6141E34} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2018-01-08] (Byte Technologies LLC) <==== ATTENTION
2018-02-11 22:47 - 2018-02-11 22:49 - 000302920 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
2018-01-08 11:26 - 2018-01-08 11:26 - 000580456 _____ () C:\Program Files\ByteFence\rsLggr.exe
2018-02-11 22:47 - 2018-02-11 22:49 - 000620872 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
2016-05-25 14:38 - 2016-05-25 14:38 - 000129304 _____ () C:\Program Files\ByteFence\x64\lz4_x64.dll
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
() C:\Program Files\ByteFence\rsLggr.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [150936 2018-01-08] (Byte Technologies LLC)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [302920 2018-02-11] ()
2018-04-01 01:00 - 2018-02-11 22:28 - 000000000 ____D C:\Program Files\ByteFence
2018-03-20 01:09 - 2018-02-11 22:30 - 000002590 _____ C:\WINDOWS\System32\Tasks\ByteFence
(SweetLabs, Inc) C:\Users\FATIHA DJEBBARI\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
2018-03-24 15:04 - 2018-03-24 15:04 - 021728328 _____ (SweetLabs,Inc.) C:\Users\FATIHA DJEBBARI\AppData\Local\Temp\oct3E05.tmp.exe
HKU\S-1-5-21-2653654637-1825667986-682984672-1001\...\Run: [Chromium] => c:\users\fatiha djebbari\appdata\local\chromium\application\chrome.exe [828416 2017-01-21] (The Chromium Authors)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.palikan.com/?f=1&a=plk_coinisreb_18_06&cd=2XzuyEtN2Y1L1Qzu0F0AtBzztCzy0CtCyEtB0FyD0B0D0A0BtN0D0Tzu0StBtBtAtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0DtCzytAyDyBtGyBtA0C0FtG0Ezy0D0AtGyE0D0D0CtGtByC0DtAyCtA0FyCyDyEtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1P1QtDyByCzzyCtAtG1PzztB1TtGyEyDyC1QtG1SyCyDtDtG1SzytBtDyC1PtAtCzz1P1S1T2QtN0A0LzuyE&cr=1067623923&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.palikan.com/?f=1&a=plk_coinisreb_18_06&cd=2XzuyEtN2Y1L1Qzu0F0AtBzztCzy0CtCyEtB0FyD0B0D0A0BtN0D0Tzu0StBtBtAtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0DtCzytAyDyBtGyBtA0C0FtG0Ezy0D0AtGyE0D0D0CtGtByC0DtAyCtA0FyCyDyEtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1P1QtDyByCzzyCtAtG1PzztB1TtGyEyDyC1QtG1SyCyDtDtG1SzytBtDyC1PtAtCzz1P1S1T2QtN0A0LzuyE&cr=1067623923&ir=
HKU\S-1-5-21-2653654637-1825667986-682984672-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.palikan.com/?f=1&a=plk_coinisreb_18_06&cd=2XzuyEtN2Y1L1Qzu0F0AtBzztCzy0CtCyEtB0FyD0B0D0A0BtN0D0Tzu0StBtBtAtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0DtCzytAyDyBtGyBtA0C0FtG0Ezy0D0AtGyE0D0D0CtGtByC0DtAyCtA0FyCyDyEtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1P1QtDyByCzzyCtAtG1PzztB1TtGyEyDyC1QtG1SyCyDtDtG1SzytBtDyC1PtAtCzz1P1S1T2QtN0A0LzuyE&cr=1067623923&ir=
SearchScopes: HKLM -> DefaultScope {76009CB6-6F51-440F-975E-4281D9B9CD9D} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_06&cd=2XzuyEtN2Y1L1Qzu0F0AtBzztCzy0CtCyEtB0FyD0B0D0A0BtN0D0Tzu0StBtBtAtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0DtCzytAyDyBtGyBtA0C0FtG0Ezy0D0AtGyE0D0D0CtGtByC0DtAyCtA0FyCyDyEtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1P1QtDyByCzzyCtAtG1PzztB1TtGyEyDyC1QtG1SyCyDtDtG1SzytBtDyC1PtAtCzz1P1S1T2QtN0A0LzuyE&cr=1067623923&ir=&q={searchTerms}
SearchScopes: HKLM -> {76009CB6-6F51-440F-975E-4281D9B9CD9D} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_06&cd=2XzuyEtN2Y1L1Qzu0F0AtBzztCzy0CtCyEtB0FyD0B0D0A0BtN0D0Tzu0StBtBtAtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0DtCzytAyDyBtGyBtA0C0FtG0Ezy0D0AtGyE0D0D0CtGtByC0DtAyCtA0FyCyDyEtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1P1QtDyByCzzyCtAtG1PzztB1TtGyEyDyC1QtG1SyCyDtDtG1SzytBtDyC1PtAtCzz1P1S1T2QtN0A0LzuyE&cr=1067623923&ir=&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {76009CB6-6F51-440F-975E-4281D9B9CD9D} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_06&cd=2XzuyEtN2Y1L1Qzu0F0AtBzztCzy0CtCyEtB0FyD0B0D0A0BtN0D0Tzu0StBtBtAtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0DtCzytAyDyBtGyBtA0C0FtG0Ezy0D0AtGyE0D0D0CtGtByC0DtAyCtA0FyCyDyEtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1P1QtDyByCzzyCtAtG1PzztB1TtGyEyDyC1QtG1SyCyDtDtG1SzytBtDyC1PtAtCzz1P1S1T2QtN0A0LzuyE&cr=1067623923&ir=&q={searchTerms}
SearchScopes: HKLM-x32 -> {76009CB6-6F51-440F-975E-4281D9B9CD9D} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisreb_18_06&cd=2XzuyEtN2Y1L1Qzu0F0AtBzztCzy0CtCyEtB0FyD0B0D0A0BtN0D0Tzu0StBtBtAtAtN1L2XzutAtFtByBtFyEtFyDyEtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0A0DtCzytAyDyBtGyBtA0C0FtG0Ezy0D0AtGyE0D0D0CtGtByC0DtAyCtA0FyCyDyEtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1P1QtDyByCzzyCtAtG1PzztB1TtGyEyDyC1QtG1SyCyDtDtG1SzytBtDyC1PtAtCzz1P1S1T2QtN0A0LzuyE&cr=1067623923&ir=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2653654637-1825667986-682984672-1001 -> {76009CB6-6F51-440F-975E-4281D9B9CD9D} URL =
FF Homepage: Mozilla\Firefox\Profiles\yqbncmhq.default -> hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_popjara_18_01_ssg08&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0AtBzztCzy0CtCyEtB0FyD0B0D0A0BtN0D0Tzu0StBtCzytAtN1L2XzuyEtFtBtCtFtDtFyDtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyB0FzztByDtD0CtAtGtC0AtC0BtGyCtC0FyCtGtB0DtDyDtGzy0F0BzztDzytA0ByEtDzy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1P1QtDyByCzzyCtAtG1PzztB1TtGyEyDyC1QtG1SyCyDtDtG1SzytBtDyC1PtAtCzz1P1S1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCyEzyyEtDzyyCtD%26cr%3D240644397%26a%3Dwnf_popjara_18_01_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
Tcpip\..\Interfaces\{c2be4b8f-bea5-407b-bc9e-d8fe40a81b0d}: [DhcpNameServer] 150.209.1.2


Hosts:
EmptyTemp:
Cmd: ipconfig /flushdns
End::

