cjoint

Document format: text/plain

Preview

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp:
RemoveProxy:
GroupPolicy: Restriction ? <==== ATTENTION
Task: {D63CC4E9-49B6-409D-B910-E46EBB3A62BE} - \Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon -> Pas de fichier <==== ATTENTION
HKU\S-1-5-21-3247538059-4087954707-1015243053-1001\...\MountPoints2: {ffbfd010-4a75-11eb-8361-a02bb84e6d1d} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-17] (Google LLC -> Google LLC)
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X]
Task: {7715D416-C50F-46CA-A6D1-DA3C4E7F397B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMary.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Tcpip\..\Interfaces\{5d2663e7-d7f1-48c9-b193-c31634f305ae}: [DhcpNameServer] 192.168.100.1 192.168.100.1
Tcpip\..\Interfaces\{66f4db65-885b-48f4-b455-d2f52eef5cfb}: [DhcpNameServer] 192.168.100.1 192.168.100.1
FF Notifications: Mozilla\Firefox\Profiles\us2uyj1z.default-1608804685902 -> hxxps://forum.intuisphere.com
FF NewTab: Moonchild Productions\Pale Moon\Profiles\6rd9l0eh.default -> hxxps://duckduckgo.com/
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
2018-09-29 07:07 - 2018-09-29 07:07 - 000000000 _____ () C:\Users\Mary\AppData\Local\oobelibMkey.log
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Pas de fichier
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
SearchScopes: HKU\S-1-5-21-3247538059-4087954707-1015243053-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3247538059-4087954707-1015243053-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [{A8271C0F-307C-4B72-972E-BD1502B2B200}] => (Allow) C:\Users\Mary\AppData\Local\Temp\7zS6F30\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{BEC27007-5229-45A1-96D6-8750EA99EEA7}] => (Allow) C:\Users\Mary\AppData\Local\Temp\7zS6F30\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{59E639F2-1F80-4BC9-A2F5-EBEBA56952E0}] => (Allow) C:\Users\Mary\AppData\Local\Temp\7zS24F8\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{5C5D6D67-879B-4CF6-9949-A497D5DAF4BB}] => (Allow) C:\Users\Mary\AppData\Local\Temp\7zS24F8\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{4172D4CE-BB20-469B-9123-F16B925AC848}] => (Allow) C:\Users\Mary\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{24A0E367-2726-4F7E-B866-25817BCAF0A8}] => (Allow) C:\Users\Mary\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip File Manager.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip Help.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\CyberLink LabelPrint.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk
C:\Users\Mary\Pictures\2018-photos\2018-09-09-Genouillé-Surgères\P1080689.jpg - Raccourci (2).lnk
C:\Users\Mary\Pictures\2018-photos\2018-09-09-Genouillé-Surgères\P1080689.jpg - Raccourci.lnk
C:\Users\Mary\Documents\bureau-17-11-12\sauvJL2\Backup files 1\C\Users\jean-luc\Desktop\Icones\Adobe Reader XI.lnk
C:\Users\Mary\Documents\bureau-17-11-12\sauvJL2\Backup files 1\C\Users\jean-luc\Desktop\Icones\Avira.lnk
C:\Users\Mary\Documents\bureau-17-11-12\sauvJL2\Backup files 1\C\Users\jean-luc\Desktop\Icones\Choix de navigateur .lnk
C:\Users\Mary\Documents\bureau-17-11-12\sauvJL2\Backup files 1\C\Users\jean-luc\Desktop\Icones\Gestionnaire pour appareils Windows Mobile.lnk
C:\Users\Mary\Documents\bureau-17-11-12\sauvJL2\Backup files 1\C\Users\jean-luc\Desktop\Icones\McAfee Security Scan Plus.lnk
C:\Users\Mary\Documents\bureau-17-11-12\sauvJL2\Backup files 1\C\Users\jean-luc\Desktop\Icones\PDF Architect 3.lnk
C:\Users\Mary\Documents\bureau-15-04\PDF Architect 3.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Pictures\Sample Pictures.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Music\Sample Music.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\Acer Arcade Deluxe.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\Acer Crystal Eye webcam.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\Acer Tour.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\Adobe Reader 9.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\DivX Converter.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\DivX Movies.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\DivX Player.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\DVD Decrypter.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\Mes dossiers de partage.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\VLC media player.lnk
C:\Users\Mary\Documents\AUDE-sauvegarde-2015-05-02\Bureau\parents mathias\Documents2\Winamp.lnk
C:\Users\Mary\Documents\2015-09-16-1352\B- Recup Ordi Juin 2013 Disque C\0- Dossier récupéré ordi en panne disque C\Jean Luc Souchet\Bureau\Icônes\DADSU-CTL-V01X06.lnk
C:\Users\Mary\Documents\2015-09-16-1352\B- Recup Ordi Juin 2013 Disque C\0- Dossier récupéré ordi en panne disque C\Jean Luc Souchet\Bureau\Icônes\Defraggler.lnk
C:\Users\Mary\Documents\2015-09-16-1352\B- Recup Ordi Juin 2013 Disque C\0- Dossier récupéré ordi en panne disque C\Jean Luc Souchet\Bureau\Icônes\jl.souchet - Raccourci.lnk
C:\Users\Mary\Documents\2015-09-16-1352\B- Recup Ordi Juin 2013 Disque C\0- Dossier récupéré ordi en panne disque C\Jean Luc Souchet\Bureau\Icônes\McAfee Security Scan Plus.lnk
C:\Users\Mary\Documents\2015-09-16-1352\B- Recup Ordi Juin 2013 Disque C\0- Dossier récupéré ordi en panne disque C\Jean Luc Souchet\Bureau\Icônes\PDFArchitect.lnk
C:\Users\Mary\Documents\2015-09-16-1352\B- Recup Ordi Juin 2013 Disque C\0- Dossier récupéré ordi en panne disque C\Jean Luc Souchet\Bureau\Icônes\PDFCreator.lnk
C:\Users\Mary\Documents\2015-09-16-1352\B- Recup Ordi Juin 2013 Disque C\0- Dossier récupéré ordi en panne disque C\Jean Luc Souchet\Bureau\B du T\LIVET.lnk
C:\Users\Mary\Documents\2015-09-16-1352\ACTIF\Plus\Date Déménagement Malève.lnk
C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium\Lanceur d'applications Chromium.lnk
C:\Users\Mary\AppData\Roaming\Microsoft\Windows\SendTo\Format Factory.lnk
C:\Users\Mary\AppData\Local\Chromium\User Data\Lanceur d'applications Chromium.lnk
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|com.squirrel.Teams.Teams
DeleteValue: HKU\S-1-5-21-3247538059-4087954707-1015243053-1001\Software\Microsoft\Windows\CurrentVersion\Run|com.squirrel.Teams.Teams
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\CLVDShellExt
DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\CLVDShellExt
C:\Users\Mary\AppData\Local\Temp\mat-debug-11216.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-11876.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-3064.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-4456.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-5496.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-560.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-5876.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-6016.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-6388.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-7116.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-8396.log
C:\Users\Mary\AppData\Local\Temp\mat-debug-9684.log
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-3247538059-4087954707-1015243053-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-3247538059-4087954707-1015243053-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe.ApplicationCompany
DeleteKey: HKLM\SOFTWARE\Chromium
DeleteKey: HKCU\SOFTWARE\Chromium
DeleteKey: HKU\S-1-5-21-3247538059-4087954707-1015243053-1001\SOFTWARE\Chromium
C:\Users\Mary\AppData\Local\Chromium
C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
DeleteKey: HKLM\SOFTWARE\WOW6432Node\AVAST Software
DeleteKey: HKCU\SOFTWARE\Browser Cleanup
DeleteKey: HKU\S-1-5-21-3247538059-4087954707-1015243053-1001\SOFTWARE\Browser Cleanup
C:\Program Files\AVAST Software
C:\ProgramData\AVAST Software
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Malwarebytes
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Malwarebytes' Anti-Malware
C:\Program Files\Malwarebytes
C:\Program Files (x86)\Malwarebytes Anti-Malware
C:\ProgramData\Malwarebytes
C:\Users\Mary\AppData\Local\mbam
C:\Users\Mary\AppData\Local\mbamtray
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|mcpltui_exe
DeleteKey: HKLM\SOFTWARE\WOW6432Node\McAfee
DeleteKey: HKU\.DEFAULT\SOFTWARE\McAfee
C:\Program Files (x86)\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr - (.McAfee Inc..)
C:\Program Files (x86)\McAfee
C:\ProgramData\McAfee
DeleteKey: HKLM\SOFTWARE\WOW6432Node\WildTangent
C:\Program Files (x86)\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m - (.WildTangent.)
C:\ProgramData\WildTangent
C:\Users\Mary\AppData\Roaming\WildTangent
C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\WildTangent
DeleteKey: HKLM\SOFTWARE\WOW6432Node\PDF Architect 3
DeleteKey: HKCU\SOFTWARE\PDF Architect 3
DeleteKey: HKU\.DEFAULT\SOFTWARE\PDF Architect 3
DeleteKey: HKU\S-1-5-21-3247538059-4087954707-1015243053-1001\SOFTWARE\PDF Architect 3
C:\Program Files (x86)\PDF Architect 3
C:\ProgramData\PDF Architect 3
C:\Users\Mary\AppData\Roaming\PDF Architect 3
DeleteKey: HKCU\SOFTWARE\ZebHelpProcess Helper
DeleteKey: HKU\S-1-5-21-3247538059-4087954707-1015243053-1001\SOFTWARE\ZebHelpProcess Helper
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|SunJavaUpdateSched
C:\Users\Mary\AppData\Roaming\java
Reboot:
C:\Windows\Temp\ *.*
C:\Users\CurrentUserName\Appdata\Local\Temp\ *.*
C:\Windows\SoftwareDistribution\Download\ *
cmd: ipconfig /flushdns
cmd: netsh winsock reset
Cmd: netsh advfirewall reset
Cmd: Netsh advfirewall set allprofiles state on
end::
