Édité le 10 septembre 2022
Télécharger | Reposter | Largeur fixe

start::
SystemRestore: On
closeprocesses:
createrestorepoint:
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
FirewallRules: [{650A2200-0246-45AC-8FA4-6D0F8F56CCB8}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
FirewallRules: [{651E95EE-4B8C-405D-A390-424714A41B44}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
FirewallRules: [{BB73C0EE-E92F-4EE7-A219-4F68A13F4793}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Pas de fichier
C:\Users\apias\AppData\Roaming\k60894gc.exe
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-338196638-180758111-2136214413-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {B1A22276-349E-4BB0-B2BE-04E2BF25FEE7} - System32\Tasks\AviraSystemSpeedupRemoval => %comspec% [Argument = /C rmdir "C:\Program Files (x86)\Avira\System Speedup" /S /Q & schtasks /Delete /F /TN AviraSystemSpeedupRemoval]
C:\Program Files (x86)\Avira
Task: {BFA4FFCB-05BF-48B7-BD97-C8174BB87CFA} - System32\Tasks\Diagnostic\Service => C:\Users\apias\AppData\Roaming\eirgpqr\mecsev.exe [893608 2022-09-09] (Accès refusé) [Fichier non signé] -> "C:\Users\apias\AppData\Roaming\eirgpqr\mecsev.dat" "C:\Users\apias\AppData\Roaming\eirgpqr\mecsev.dat" (Accès refusé) <==== ATTENTION
C:\Users\apias\AppData\Roaming\eirgpqr
Task: {C2B6CB38-4BC4-48A2-9932-A10967EA0026} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier)
C:\Program Files\Common Files\Avast Software
Task: {E1C573BB-340A-483A-8683-43F86224998B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-338196638-180758111-2136214413-1001UA => C:\Users\apias\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {E4CB90EE-F298-4747-9605-4EC4F5788AEE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-338196638-180758111-2136214413-1001Core => C:\Users\apias\AppData\Local\Google\Update\GoogleUpdate.exe /c (Pas de fichier)
Task: {E718D044-8F6E-48E7-953D-85D8F0FF19E2} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-338196638-180758111-2136214413-500 => C:\Users\apias\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {F4459C25-6BDD-4AE9-9A54-4C5C14573E4A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Pas de fichier)
C:\Program Files\Avast Software
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
C:\Users\apias\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\caiblelclndcckfafdaggpephhgfpoip
C:\Users\apias\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\emgfgdclgfeldebanedpihppahgngnle
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [pdhdldaneekjpoaldekpgomomeabpnek]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
2022-09-09 23:50 - 2022-09-10 00:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-09-09 23:50 - 2022-09-10 00:15 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-09 20:27 - 2022-09-09 21:36 - 000000000 ____D C:\Users\apias\AppData\Roaming\eirgpqr
2022-09-09 20:27 - 2022-09-09 20:27 - 000000000 ____D C:\Users\apias\AppData\Roaming\F2EBB4427BBF212E
emptytemp:
end::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.