Edited on 11 November 2022

start::
closeprocesses:
createrestorepoint:
HKU\S-1-5-21-996704652-2343415065-2899989391-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-996704652-2343415065-2899989391-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-996704652-2343415065-2899989391-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-996704652-2343415065-2899989391-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-996704652-2343415065-2899989391-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-996704652-2343415065-2899989391-1001\...\Policies\Explorer: [NoViewContextMenu] 0
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {AAD954D2-C06B-4C67-A100-6386C35724D3} - System32\Tasks\Firefox Default Browser Agent FE598138FB7E6312 => C:\Users\Dominique\AppData\Roaming\tjrgdgr [42064 2022-01-12] (Microsoft Corporation -> Microsoft Corporation)
C:\Users\Dominique\AppData\Roaming\tjrgdgr
Task: {BDAF1900-9147-496C-B1AF-7EE789089795} - System32\Tasks\AVAST Software\Tukhobmspywlee => C:\Windows\SysWOW64\rundll32 C:\Users\Dominique\AppData\Local\ResetRanch\MessrgeMources\njzsofr_Winson.dll,KBDGRefone_Vrrapi
C:\Users\Dominique\AppData\Local\ResetRanch
Task: {D3098EA6-42A6-46CB-8C6D-96A1E8E3D304} - System32\Tasks\Intelligent StandbyList Cleaner => C:\Users\Dominique\Documents\IDU\s\Fortnite Fps Boost Pack (Saison 6)\Optimisations\ISLC v1.0.2.2\Intelligent standby list cleaner ISLC.exe (Pas de fichier)
ProxyServer: [S-1-5-21-996704652-2343415065-2899989391-1001] => 127.0.0.1:8892
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
S3 Browser; %SystemRoot%\System32\browser.dll [X]
U1 avgbdisk; pas de ImagePath
S2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; \??\C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [X]
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X]
S3 cpuz152; \??\C:\Windows\temp\cpuz152\cpuz152_x64.sys [X]
U4 DcpSvc; pas de ImagePath
U4 HomeGroupListener; pas de ImagePath
U4 HomeGroupProvider; pas de ImagePath
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
C:\Program Files (x86)\IObit
U4 OneSyncSvc_402ac; pas de ImagePath
U4 xbgm; pas de ImagePath
2022-10-23 17:07 - 2022-08-17 11:14 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
C:\Users\Dominique\AppData\Roaming\********-****-****-****-************
2022-01-12 17:52 - 2022-01-12 17:52 - 000042064 ___SH (Microsoft Corporation) C:\Users\Dominique\AppData\Roaming\tjrgdgr
2022-08-17 08:43 - 2022-08-17 08:43 - 000000000 _____ () C:\Users\Dominique\AppData\Roaming\tjrgdgr.sys
2022-08-16 19:09 - 2022-08-16 19:09 - 000000000 _____ () C:\Users\Dominique\AppData\Roaming\tjrgdgr.txt
CustomCLSID: HKU\S-1-5-21-996704652-2343415065-2899989391-1001_Classes\CLSID\{c1d5a8e7-c773-263e-4715-b5d6aa683f3c}\localserver32 -> "E:\autre\VPN\ProtonVPN.exe" -ToastActivated => Pas de fichier
ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> Pas de fichier
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
AlternateDataStreams: C:\PerfLogs:err [1282]
AlternateDataStreams: C:\Windows\system32\9EarsSurroundSound.dll:72B1DE377E [2594]
AlternateDataStreams: C:\ProgramData\goyslgxe.nnn:7297ACA992 [2594]
AlternateDataStreams: C:\ProgramData\lir.bats:286F7FC5C6 [2594]
AlternateDataStreams: C:\ProgramData\lock.dat:B839BDBBBE [2594]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [2594]
AlternateDataStreams: C:\ProgramData\rc.dat:64746D5524 [2594]
AlternateDataStreams: C:\ProgramData\sqlite3.dll:016BF53414 [2594]
AlternateDataStreams: C:\ProgramData\sys_rh.bin:DD355320B7 [2594]
AlternateDataStreams: C:\ProgramData\ts.dat:447AB85D72 [2594]
AlternateDataStreams: C:\ProgramData\tyvfcquz.wxt:B63721167D [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elsword.lnk:5AF8151D35 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch 2.lnk:E723AE5F19 [2594]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk:718E15FDE8 [2594]
AlternateDataStreams: C:\Users\Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asphalt 9: Legends.lnk [885]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8808]
BHO: Pas de nom -> {34EDF7FD-FD9B-420F-A701-CC2C081FB26C} -> Pas de fichier
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-996704652-2343415065-2899989391-1001\...\StartupApproved\Run: => "Advanced SystemCare"
cmd: netsh advfirewall reset
removeproxy:
emptytemp:
end::
