start::
closeprocesses:
createrestorepoint:
ContextMenuHandlers3: [SmadExt] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => C:\Program Files\Smadav\SmadExtc.dll [2010-02-19] (Smadsoft) [Fichier non signé]
ContextMenuHandlers6: [SmadExt] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => C:\Program Files\Smadav\SmadExtc.dll [2010-02-19] (Smadsoft) [Fichier non signé]
C:\Program Files\Smadav
FirewallRules: [{258A4B68-68BB-4E64-B8BC-E3EEDA2B5571}] => (Allow) C:\Users\mora\AppData\Local\Temp\$PowerISO$\bin\tools\aria2c.exe => Pas de fichier
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [0 2021-10-03]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [0 2021-10-03]
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [0 2021-10-03]
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [0 2021-10-03]
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [0 2021-10-03]
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [0 2021-10-03]
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [0 2021-10-03]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
HKU\S-1-5-21-3343297051-4280132869-1126587126-1000\...\Run: [syswin] => C:\boots\syswin.exe [4730812 2021-10-03] () [Fichier non signé]
C:\boots\syswin.exe
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [0 2021-10-03] () <==== ATTENTION [zéro octet Fichier/Dossier]
S3 Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [0 2021-10-03] () <==== ATTENTION [zéro octet Fichier/Dossier]
S3 odserv; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [0 2021-10-03] () <==== ATTENTION [zéro octet Fichier/Dossier]
S3 ose; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [0 2021-10-03] () <==== ATTENTION [zéro octet Fichier/Dossier]
FCheck: C:\Windows\system32\GfxUI.exe [2021-10-03] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\Windows\system32\hkcmd.exe [2021-10-03] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\Windows\system32\igfxext.exe [2021-10-03] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\Windows\system32\igfxpers.exe [2021-10-03] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\Windows\system32\igfxsrvc.exe [2021-10-03] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\Windows\system32\igfxtray.exe [2021-10-03] <==== ATTENTION (zéro octet Fichier/Dossier)
FCheck: C:\Windows\system32\IntelCpHeciSvc.exe [2021-10-03] <==== ATTENTION (zéro octet Fichier/Dossier)
HKU\S-1-5-21-3343297051-4280132869-1126587126-1000\...\MountPoints2: F - F:\SETUP.EXE
Task: {43F50435-9358-42B0-95C5-4F0915E4A0C4} - System32\Tasks\smadav => C:\Program Files\Smadav\SM&#916;RTP.exe [1617920 2014-08-23] (Smadsoft) [Fichier non signé]
cmd: sfc /scannow
emptytemp:
end::