Edited on 4 August 2022

start::
closeprocesses:
createrestorepoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [5126776 2022-07-18] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [5126776 2022-07-18] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-1025655619-4014309140-2894110501-1001\...\Run: [OneDriveService] => C:\Program Files\WindowsApps\Microsoft.x64__8wekyb3gfdfdgd8bbwe/file.exe (Pas de fichier)
HKU\S-1-5-21-1025655619-4014309140-2894110501-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5126776 2022-07-18] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-1025655619-4014309140-2894110501-1012\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\wind\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [5126776 2022-07-18] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {01C486BC-19E2-473D-88F6-4604B57C0752} - System32\Tasks\WmiPrvSE => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {116A4E26-CA7F-4D00-8F8E-491D084B8EF2} - System32\Tasks\OneDrive Status Checker => cmd.exe /C "PowerShell -Nologo -NoProfile -ExecutionPolicy Bypass -E "QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgACQARQBuAHYAOgBVAFMARQBSAFAAUgBPAEYASQBMAEUAXABBAHAAcABEAGEAdABhAA0ACgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAALQBFAHgAYwBsAHUAcwBpAG8AbgBQAGEAdABoAC (l'élément de données a 302 caractères en plus). <==== ATTENTION
Task: {32068413-C67A-4C52-AD60-3D1E8C3D2524} - System32\Tasks\WindowsDefenderServices\WindowsDefenderServicesService_bk3016 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {346B191C-1C7A-456C-A866-87F27E794C64} - System32\Tasks\NvStray => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {4219CAFE-C6A2-4F98-AB10-0B6A75EA610A} - System32\Tasks\SettingSysHost\SettingSysHostService_bk979 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {4E1826DC-12D0-4CCA-9AD5-F14034730729} - System32\Tasks\SettingSysHost\SettingSysHostService_bk6740 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {554A078A-72A3-4824-A724-C6FD8AA096BE} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [669320 2022-03-23] (Advanced Micro Devices Inc. -> )
Task: {60ADD1CF-410B-414B-8C11-7F5B6C8152C8} - System32\Tasks\WindowsDefenderServices\WindowsDefenderServicesService_bk8822 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {6F8F71BD-4B51-456A-846E-2F1003E58767} - System32\Tasks\OneDriveService => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {6FF6BFAE-28F5-4FC7-A581-2BE283479C05} - System32\Tasks\OneDrive Status Checker Start => cmd.exe /C "PowerShell -Nologo -NoProfile -ExecutionPolicy Bypass -E "QQBkAGQALQBNAHAAUAByAGUAZgBlAHIAZQBuAGMAZQAgAC0ARQB4AGMAbAB1AHMAaQBvAG4AUABhAHQAaAAgACQARQBuAHYAOgBVAFMARQBSAFAAUgBPAEYASQBMAEUAXABBAHAAcABEAGEAdABhAA0ACgBBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAALQBFAHgAYwBsAHUAcwBpAG8AbgBQAGEAdABoAC (l'élément de données a 2389 caractères en plus). <==== ATTENTION
Task: {8BA1FC6B-9C57-4868-A7AC-A2524C1DF262} - System32\Tasks\SecurityHealthSystray => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {96E2068B-8CE6-4587-B88E-4D4538E3A068} - System32\Tasks\AntiMalwareServiceExecutable => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {9E5BFA39-28A1-401B-B960-2DFBB59D24DA} - System32\Tasks\MicrosoftEdgeUpd => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {A997E6C2-8EE9-4B8D-8EE7-327B57087759} - System32\Tasks\AntiMalwareSericeExecutable\AntiMalwareSericeExecutableService_bk2980 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {BD6B2B92-CFA7-4F57-B75A-9E0D3E2CC8ED} - System32\Tasks\WindowsDefender => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {C26E8903-E34A-4085-A070-B6D92B8CF4AB} - System32\Tasks\MicrosoftUpdateServices\MicrosoftUpdateServicesService_bk4911 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Task: {DA76B42B-4E14-41A6-85FC-710BBFD41361} - System32\Tasks\AntiMalwareSericeExecutable\AntiMalwareSericeExecutableService_bk4756 => C:\ProgramData\SystemFiles\dllhost.exe (Pas de fichier) <==== ATTENTION
Edge Notifications: Default -> hxxps://captcha4you.top
R2 AltruisticsService; C:\Program Files (x86)\Altruistics\Altruistics.exe [18041728 2022-07-28] (Cowan Innovations Inc. -> Altruistic Software)
C:\Program Files (x86)\Altruistics
S2 TermService; C:\Windows\System32\svchost.exe [55320 2022-07-18] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL) <==== ATTENTION (pas de ServiceDLL)
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
S3 WinRing0_1_2_0; C:\Users\Matteo\AppData\Local\Temp\tmpD796.tmp [14544 2022-08-02] (Noriyuki MIYAZAKI -> OpenLibSys.org) <==== ATTENTION
2022-07-28 01:52 - 2022-07-28 01:52 - 000000000 ___HD C:\ProgramData\Dllhost
2022-07-28 01:13 - 2022-08-03 08:15 - 000000000 ____D C:\Windows\system32\Tasks\Outbyte
2022-07-28 01:13 - 2022-08-03 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outbyte
2022-07-28 00:18 - 2022-08-03 15:05 - 000000000 ____D C:\ProgramData\Altruistics
2022-07-28 00:18 - 2022-08-03 04:24 - 000000000 ____D C:\Users\Matteo\AppData\Roaming\Altruistics
2022-07-28 00:17 - 2022-07-28 00:17 - 000000000 ____D C:\ProgramData\SSO
2022-07-28 00:17 - 2022-07-28 00:17 - 000000000 ____D C:\Program Files (x86)\Altruistics
AlternateDataStreams: C:\Windows\system32\0:01C1E140C8 [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AZ Launcher - Minecraft.lnk:EE97536411 [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emplacements Bluetooth.lnk:BF03F99EF9 [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3314]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoyToKey.lnk:A8FB82A7B9 [3314]
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
cmd: sfc /scannow
emptytemp:
end::
