Edited on 9 June 2021

start::
closeprocesses:
createrestorepoint:
virustotal: C:\Program Files (x86)\SMTP Service\smtpsv.exe
virustotal: C:\Program Files (x86)\Google Chrome Helper\chromehelper.exe
cmd: cscript %windir%\System32\slmgr.vbs /dli
StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
EndRegedit:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4291689283-1961121226-3943405224-1007\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1007\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1007\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1007\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1008\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1008\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1008\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1008\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1008\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-4291689283-1961121226-3943405224-1008\...\MountPoints2: {2a3891cd-0eb9-11eb-a58a-001a7dda7113} - "F:\mSetup.exe"
HKU\S-1-5-21-4291689283-1961121226-3943405224-1008\...\MountPoints2: {2a389676-0eb9-11eb-a58a-001a7dda7113} - "F:\setup.exe"
HKU\S-1-5-21-4291689283-1961121226-3943405224-1010\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1010\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1010\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-1010\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-500\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-500\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4291689283-1961121226-3943405224-500\...\Policies\Explorer: [NoInternetOpenWith] 1
IFEO\CE i386.exe: [Debugger] Enable
IFEO\ce-x64.exe: [Debugger] Enable
Startup: C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2020-11-21]
ShortcutTarget: DS4Windows.lnk -> B:\téléchargements\DS4Windows\DS4Windows.exe (Pas de fichier)
GroupPolicy: Restriction - Edge <==== ATTENTION
GroupPolicy-x32: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {1E748C39-7E2A-4C04-BAD5-E44FE5AB2EE6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_Plugin.exe [1458232 2020-02-11] (Adobe Inc. -> Adobe)
Task: {2972186E-BEE2-4587-845E-20961F9CB1A1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-11] (Adobe Inc. -> Adobe)
Task: {6BDB8DF8-F55D-4D66-B038-612FA5A67F75} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_pepper.exe [1453624 2020-02-11] (Adobe Inc. -> Adobe)
Task: {AF37EF7E-13F6-4DCE-9768-F72B6ED35D60} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {CFF1B09A-4669-4FF2-AA60-A584F013C73E} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4291689283-1961121226-3943405224-1007\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4291689283-1961121226-3943405224-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4291689283-1961121226-3943405224-1010\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4291689283-1961121226-3943405224-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\4rf3aknb.default\extensions\{4093c4de-454a-4329-8aff-c6b0b123c386}.xpi [non trouvé(e)]
FF HKU\S-1-5-21-4291689283-1961121226-3943405224-1010\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - B:\Autres\Internet Download Manager\idmmzcc3.xpi => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_330.dll [2020-02-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @ieinspector.com/ha_plugin -> C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\firefox\Components [Pas de fichier]
FF Plugin-x32: @unisys.com/npornap -> C:\Program Files (x86)\Orange\CAP Nap Plugin ActiveX [2017-05-12] ()
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> B:\téléchargements\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> B:\téléchargements\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> B:\téléchargements\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [Pas de fichier]
FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [Pas de fichier]
FF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-4291689283-1961121226-3943405224-1008: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\moi\AppData\Local\Turbo\20.10.2184.0\npMozillaTurboPlugin.dll [Pas de fichier]
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-11] (Adobe Inc. -> Adobe)
C:\WINDOWS\SysWOW64\Macromed
S3 NDivert; \SystemRoot\System32\drivers\NDivert.sys [X]
2021-06-07 22:25 - 2021-06-09 11:02 - 000000000 ____D C:\Users\moi\AppData\Roaming\ZHP
2021-06-07 22:25 - 2021-06-07 22:41 - 000000000 ____D C:\Users\moi\AppData\Local\ZHP
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Pas de fichier
ContextMenuHandlers1: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Pas de fichier
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Pas de fichier
ContextMenuHandlers4: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Pas de fichier
Shortcut: C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetSurveillance\reg.lnk -> C:\Program Files (x86)\NetSurveillance\CMS\reg.bat (Pas de fichier)
AlternateDataStreams: C:\ProgramData\Temp:0B3EF173 [151]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
AlternateDataStreams: C:\Users\moi\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\moi\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
SearchScopes: HKLM -> DefaultScope {DB1CA714-769D-4351-B58B-32452A893D06} URL =
SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {DB1CA714-769D-4351-B58B-32452A893D06} URL =
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.google.com/search?q={searchTerms}
hosts:
cmd: netsh advfirewall reset
emptytemp:
end::
