Edited on 31 October 2022

start::
closeprocesses:
createrestorepoint:
virustotal: C:\Users\Administrateur\AppData\Roaming\Microsoft\hgetagve\agwcrhct.exe
virustotal: C:\Program Files (x86)\ASUS\ASUS Manager\USB Lock\svchost.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
AlternateDataStreams: C:\ProgramData\TEMP:0CFE8F97 [130]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> Pas de fichier
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => -> Pas de fichier
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll -> Pas de fichier
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
HKU\S-1-5-21-4251189818-3791226452-2359904026-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nav-fr.com/
URLSearchHook: HKU\S-1-5-21-4251189818-3791226452-2359904026-500 - (Pas de nom) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL Pas de fichier
SearchScopes: HKU\S-1-5-21-4251189818-3791226452-2359904026-500 -> DefaultScope {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxp://www.nav-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4251189818-3791226452-2359904026-500 -> {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxp://www.nav-fr.com/search?q={searchTerms}
Toolbar: HKLM-x32 - Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll Pas de fichier
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL Pas de fichier
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\PROGRA~2\COPERN~1\COPERN~1.DLL Pas de fichier
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Pas de fichier
FirewallRules: [{E7FE0CBC-379D-420B-A61A-8B568D403037}] => (Allow) C:\Users\Administrateur\AppData\Local\Temp\7zS2721\HP.EasyStart.exe => Pas de fichier
HKLM\...\Run: [service] => C:\Windows\TEMP\ccservice.exe (Pas de fichier) <==== ATTENTION
C:\Windows\TEMP\ccservice.exe
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4251189818-3791226452-2359904026-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe (Pas de fichier)
HKU\S-1-5-18\...\Run: [service] => C:\Windows\TEMP\ccservice.exe (Pas de fichier) <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3F424D0B-BB66-48B9-BBB8-B33B1133ECBD} - System32\Tasks\Hewlett-Packard\HP Web Products Detection => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPWPD.exe /Register (Pas de fichier)
Task: {4EDA1EDB-A38A-4093-AF1B-E6AEDEA5FF8E} - System32\Tasks\{458DBD59-0546-4549-933D-0B536AC9C567} => C:\Program Files (x86)\jv16 PowerTools\jv16 PowerTools.exe (Pas de fichier)
Task: {50C8E42A-0E5F-47FD-9F48-FCF7DC7015C0} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {5D178C90-A892-4B20-A8D6-0432B08B0BED} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5}
Task: {7E0C1128-FDDE-4865-AC58-1208524EBB37} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe (Pas de fichier)
Task: {9247767D-42D2-4A7B-B2EA-685B402793B4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {9BDC8906-DF9E-407B-9EB3-7BDE742C5A05} - System32\Tasks\Hewlett-Packard\HPDeviceCheck => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe /Register (Pas de fichier)
Task: {AEC3C800-DE4E-4BE8-AC66-662273E0BF29} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_pepper.exe [1688576 2019-01-02] (Adobe Systems Incorporated) [Fichier non signé]
Task: {B254CE3E-B93A-49A8-9438-60CF6A558CF4} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Pas de fichier)
Task: {BD1715B5-99AB-4644-B653-9F35AD280D01} - \{0A780E47-0C0A-0809-7911-0A0F0B7D1104} -> Pas de fichier <==== ATTENTION
Task: {E1ABC3B9-B7BB-4D35-8652-237C2D02FEFE} - System32\Tasks\McAfeeLogon => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui (Pas de fichier)
Task: {EFD05EFE-0D17-4725-B6AF-66D9CF7747AB} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c (Pas de fichier)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => Pas de fichier
HKU\S-1-5-21-4251189818-3791226452-2359904026-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [Pas de fichier]
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [Pas de fichier]
CHR HomePage: Default -> hxxp://www.nav-fr.com/
C:\Program Files (x86)\BraveSoftware
C:\Program Files\Opera developer
S2 brave; "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /svc [X]
S3 bravem; "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /medsvc [X]
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [X]
S3 cphs; %SystemRoot%\SysWow64\IntelCpHeciSvc.exe [X]
S2 ehRecvr; %systemroot%\ehome\ehRecvr.exe [X]
S2 ehSched; %systemroot%\ehome\ehsched.exe [X]
S3 Fax; %systemroot%\system32\fxssvc.exe [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S3 idsvc; "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [X]
S3 IEEtwCollectorService; %SystemRoot%\system32\IEEtwCollector.exe /V [X]
S3 Intel(R) Capability Licensing Service TCP IP Interface; "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe" [X]
S2 jhi_service; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [X]
S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S2 Spooler; %SystemRoot%\System32\spoolsv.exe [X]
S3 TweakingRunAsSystem0028; "C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\tweaking_ras.exe" 0028[]||C:\Windows\Sysnative\cmd.exe||[]/c start /HIGH C:\Windows\System32\cmd.exe /c ||C:\Windows\Temp\temp62854.bat|| & exit
S3 TweakingRunAsSystem0029; "C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\tweaking_ras.exe" 0029[]||C:\Windows\Sysnative\cmd.exe||[]/c start /HIGH C:\Windows\System32\cmd.exe /c ||C:\Windows\Temp\temp75826.bat|| & exit
S3 TweakingRunAsSystem0030; "C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\tweaking_ras.exe" 0030[]||C:\Windows\Sysnative\cmd.exe||[]/c start /HIGH C:\Windows\System32\cmd.exe /c ||C:\Windows\Temp\temp36942.bat|| & exit
S3 VSS; %systemroot%\system32\vssvc.exe [X]
S2 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
S2 WSearch; %systemroot%\system32\SearchIndexer.exe /Embedding [X]
S3 cfwids; system32\drivers\cfwids.sys [X]
U3 DfSdkS; pas de ImagePath
S3 mfencbdc; system32\DRIVERS\mfencbdc.sys [X]
C:\Windows\system32\unp*.tmp
2022-10-17 16:35 - 2017-01-05 17:25 - 000003068 _____ C:\Windows\system32\Tasks\McAfeeLogon
emptytemp:
end::
