Posted on September 5

start::
closeprocesses:
createrestorepoint:
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
SearchScopes: HKU\S-1-5-21-197461977-1359920147-718343051-1001 -> DefaultScope {4EFC2A1F-776A-4A6A-849D-CAA996672FBE} URL =
SearchScopes: HKU\S-1-5-21-197461977-1359920147-718343051-1001 -> {4EFC2A1F-776A-4A6A-849D-CAA996672FBE} URL =
HKLM\...\StartupApproved\StartupFolder: => "WSAppHelper.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WSAndroidAppHelper.lnk"
FirewallRules: [TCP Query User{9CA10787-D32E-4241-8BDA-CAE4C81FC8B6}C:\users\youss\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\youss\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [UDP Query User{099F8AEB-253D-42C7-9E5E-2413ACD3DB0B}C:\users\youss\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\youss\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [TCP Query User{434568B5-2299-4556-9EC1-F9593F4408B7}D:\application\edupython\edupython\app\python.exe] => (Allow) D:\application\edupython\edupython\app\python.exe (Python Software Foundation) [Fichier non signé]
FirewallRules: [UDP Query User{05DB4106-AA99-407A-B3F0-B9C478D407D3}D:\application\edupython\edupython\app\python.exe] => (Allow) D:\application\edupython\edupython\app\python.exe (Python Software Foundation) [Fichier non signé]
FirewallRules: [TCP Query User{CCDB0FBB-DC70-4909-8ECE-1097609B58A0}C:\users\youss\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\youss\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [UDP Query User{D673CDE2-BC91-4950-80F9-985707F88B03}C:\users\youss\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\youss\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [TCP Query User{4245749D-1888-4AB3-AC8A-0E9272D914CE}D:\application\warface\warface my.com\bin64release\gamedx11.exe] => (Allow) D:\application\warface\warface my.com\bin64release\gamedx11.exe (LLC Mail.Ru -> MY.GAMES)
FirewallRules: [UDP Query User{6D5615E1-357A-4FDF-9251-96B2FD9471DA}D:\application\warface\warface my.com\bin64release\gamedx11.exe] => (Allow) D:\application\warface\warface my.com\bin64release\gamedx11.exe (LLC Mail.Ru -> MY.GAMES)
FirewallRules: [TCP Query User{E9A0CB58-F1BD-408B-8BE7-3A6478E9F6E6}D:\application\warface\warface my.com\bin64release\gamedx11.exe] => (Allow) D:\application\warface\warface my.com\bin64release\gamedx11.exe (LLC Mail.Ru -> MY.GAMES)
FirewallRules: [UDP Query User{878FEEF5-3245-4178-8CE9-DC2C2DEA69BD}D:\application\warface\warface my.com\bin64release\gamedx11.exe] => (Allow) D:\application\warface\warface my.com\bin64release\gamedx11.exe (LLC Mail.Ru -> MY.GAMES)
FirewallRules: [{52EB8649-A4CB-4538-89BF-18EE86D92E75}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
FirewallRules: [{9616FA1B-39AB-42AF-ABBE-9124B929BC4C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
FirewallRules: [{A1868118-C607-4F5A-B1EE-7168ED59C674}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-197461977-1359920147-718343051-1001\...\Policies\Explorer: [NoSecurityTab] 1
IFEO\EOSNOTIFY.EXE: [Debugger] *
IFEO\InstallAgent.exe: [Debugger] *
IFEO\MusNotification.exe: [Debugger] *
IFEO\MUSNOTIFICATIONUX.EXE: [Debugger] *
IFEO\remsh.exe: [Debugger] *
IFEO\SIHClient.exe: [Debugger] *
IFEO\UpdateAssistant.exe: [Debugger] *
IFEO\UPFC.EXE: [Debugger] *
IFEO\UsoClient.exe: [Debugger] *
IFEO\WaaSMedic.exe: [Debugger] *
IFEO\WaasMedicAgent.exe: [Debugger] *
IFEO\Windows10Upgrade.exe: [Debugger] *
IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] *
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAndroidAppHelper.lnk [2021-08-27]
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2021-08-27]
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {06FEF118-1E47-4CD0-8CA1-3F23A5249FEF} - \OneDrive Standalone Update Task-S-1-5-21-3361115751-27757304-2163315715-500 -> Pas de fichier <==== ATTENTION
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - \Microsoft\Windows\Speech\HeadsetButtonPress -> Pas de fichier <==== ATTENTION
Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - \Microsoft\Windows\WindowsUpdate\sihpostreboot -> Pas de fichier <==== ATTENTION
Task: {495FF134-B9FC-4ACE-83AA-28BB9C02097D} - System32\Tasks\AviraSystemSpeedupRemoval => %comspec% [Argument = /C rmdir "C:\Program Files (x86)\Avira\System Speedup" /S /Q & schtasks /Delete /F /TN AviraSystemSpeedupRemoval]
Task: {5B5DFC2E-1B2D-403E-BD11-9EFB772AE0B1} - \LenovoUtility Startup -> Pas de fichier <==== ATTENTION
Task: {64478F23-4265-4719-A005-D93D4A11672E} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineTN => C:\Windows\SysWOW64\IME\shared\Y-1-37-54\BI_1.4.49.93.exe (Accès refusé) <==== ATTENTION
Task: {991CAD24-83FF-4F3B-BF65-514EF74A0878} - System32\Tasks\Opera scheduled Autoupdate 1619690354 => C:\Users\youss\AppData\Local\Programs\Opera\launcher.exe
Task: {A21BAC49-01DA-42A8-810A-833ED1370D08} - System32\Tasks\Opera scheduled assistant Autoupdate 1619690366 => C:\Users\youss\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\youss\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {CBFB6BE6-9828-4121-A91C-8ADE8B6B1C36} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> Pas de fichier <==== ATTENTION
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [22174424 2021-09-04] (LLC Mail.Ru -> LLC Mail.Ru)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-07-20] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 DFWSIDService; C:\Program Files (x86)\Wondershare\drfone\WsidService.exe [X]
S2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\ElevationService.exe [X]
2021-09-05 12:02 - 2021-09-05 12:02 - 000003454 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupRemoval
2021-09-05 12:02 - 2021-09-05 12:02 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2021-09-05 12:01 - 2021-09-05 12:01 - 000000000 ____H C:\ProgramData\rebootpending.txt
2021-09-05 11:56 - 2021-09-05 11:56 - 000000000 ____D C:\Users\Public\Security Sessions
2021-09-05 11:54 - 2021-09-05 11:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2021-09-05 11:54 - 2019-03-20 19:50 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2021-09-05 11:54 - 2019-03-20 19:50 - 000045472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2021-09-05 11:52 - 2021-09-05 12:03 - 000000000 ____D C:\ProgramData\Avira
2021-09-05 11:52 - 2021-09-05 12:03 - 000000000 ____D C:\Program Files (x86)\Avira
2021-09-05 11:52 - 2021-09-05 11:56 - 000000000 ____D C:\Users\youss\AppData\Local\Avira
2021-08-27 17:18 - 2021-08-27 18:16 - 000000000 ____D C:\Users\youss\.android
2021-08-27 17:17 - 2021-08-28 22:32 - 000000000 ____D C:\ProgramData\Wondershare
2021-08-27 17:17 - 2021-08-28 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-08-27 17:17 - 2021-08-28 22:32 - 000000000 ____D C:\Program Files (x86)\Wondershare
2021-08-27 17:17 - 2021-08-27 18:15 - 000000000 ____D C:\Users\youss\AppData\Roaming\MobileBackupForeverIni
2021-08-27 17:17 - 2021-08-27 18:11 - 000000000 ____D C:\Users\youss\AppData\Local\Wondershare
2021-08-27 17:17 - 2021-08-27 17:17 - 000000016 _____ C:\ProgramData\mntemp
2021-08-27 17:17 - 2021-08-27 17:17 - 000000000 ____D C:\ProgramData\Apple
2021-08-27 17:16 - 2021-08-27 18:15 - 000000000 ____D C:\Users\youss\AppData\Roaming\Wondershare
emptytemp:
end::
