Posted on 24 December 2020

start::
closeprocesses:
createrestorepoint:
cmd: C:\ProgramData\NTUSER.pol
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2015-12-03] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll -> Pas de fichier
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\conni\AppData\Local\MEGAsync\ShellExtX64.dll -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2015-12-03] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll -> Pas de fichier
AlternateDataStreams: C:\ProgramData:D8192D09AB3D993A [217]
AlternateDataStreams: C:\Users\All Users:D8192D09AB3D993A [217]
AlternateDataStreams: C:\ProgramData\Application Data:D8192D09AB3D993A [217]
AlternateDataStreams: C:\ProgramData\Temp:33384BC0 [122]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-647661810-2180549995-3034408541-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [4625184 2020-08-12] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {1360D181-1F6D-48CD-A379-0C4485BEB39B} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\Platform\McAMTaskAgent.exe [808888 2015-11-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {29E21C49-B342-4D98-8125-ABDA676D3A21} - System32\Tasks\UpdateTask => C:\Users\conni\AppData\Local\{B9848~1\UNINST~1.EXE
Task: {582E5768-AB6E-41B5-A4AD-2F1A427F09D5} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {73FE078C-5CD5-48DA-B0E3-AD1AE305D55B} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {8FF6B17B-FCC1-4A71-931A-48A1C4F66B5B} - System32\Tasks\{A711DC33-3F9C-4BC2-9E2A-EB6199EA0E64} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall
Task: {9FA0233C-4277-45B1-9B5E-8A7F4BEA581F} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {AC3EF3CB-32FE-4412-B401-E551473CB820} - System32\Tasks\McAfee Cleanup => C:\Users\conni\AppData\Local\Temp\MCPR\mccleanup.exe <==== ATTENTION
Task: {CCD8DDBA-1E5A-44CC-8F00-C1CB323248F3} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\Windows\system32\winrmsrv.exe [731136 2020-09-11] (Microsoft Corporation) [Fichier non signé] <==== ATTENTION
Task: {F1A9955D-EB25-4030-8851-F2689421385A} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {F348EA71-4F72-4682-8985-ED82B89A7111} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [3438680 2016-05-23] (AVAST Software a.s. -> AVAST Software)
Task: {FDC9B3D9-E927-461A-8E05-EA839BAD87D5} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => C:\Windows\system32\winlogui.exe [750592 2020-09-11] (Microsoft Corporation) [Fichier non signé]
C:\Windows\system32\winlogui.exe
C:\Windows\system32\winscomrssrv.dll
C:\Windows\system32\winrmsrv.exe
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [2015-12-03] (McAfee, Inc. -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [2015-12-03] (McAfee, Inc. -> )
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://google.com/","hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_gmmedply_15_48&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDyEzztC0CtBtCtDzy0E0FyCyEtCzztN0D0Tzu0StCyEtByDtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0E0FyC0AyDyEtAtGyDzyyB0EtGtAtD0DtCtGyCyDyC0EtGzy0BtDyBtC0ByDzytByBtBzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0D0D0AyB0EyC0EtG0EzztAzytGyEtByE0EtGzztCtA0CtGtBzzyE0F0E0Azz0A0F0AzyyD2QtN0A0LzuyE%26cr%3D2050161853%26a%3Dwncy_gmmedply_15_48%26os%3DWindows%2B10%2BHome","hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_01&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0F0CtA0F0D0BtAtAyC0A0C0EtD0DyDtDtN0D0Tzu0StCyEyCyDtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyEtA0EtA0EtAyCzytGyE0F0EtAtGtB0C0AyDtGtAtC0FyBtG0AyBtBtCyByDtCtA0C0B0Azy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0E0EyB0CyCyB0CtGyByE0CtAtGyE0FyEtBtGzyyEtCyCtG0A0E0ByByE0ByBtCtByB0A0A2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyB%26cr%3D21880349%26a%3Dwbf_fs_16_01%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome"
C:\Users\conni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-647661810-2180549995-3034408541-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 AntiVirMailService; "C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe" [X]
S2 AntivirProtectedService; "C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe" [X]
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\Antivirus\sched.exe" [X]
S2 AntiVirService; "C:\Program Files (x86)\Avira\Antivirus\avguard.exe" [X]
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe" [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
2020-11-30 11:51 - 2015-11-27 20:03 - 000000000 ____D C:\Program Files\mcafee
2020-11-29 14:53 - 2015-11-27 20:03 - 000000000 ____D C:\ProgramData\mcafee
cmd: md C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
emptytemp:
end::
