Edited on 18 November 2022

start::
SystemRestore: On
closeprocesses:
createrestorepoint:
virustotal: C:\ProgramData\42530337471082026256.exe
virustotal: C:\ProgramData\90120203793879920164.exe
FirewallRules: [UDP Query User{6096E98F-4275-4184-A126-4D1C915615D5}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Pas de fichier
FirewallRules: [TCP Query User{09A6DF00-85F5-4840-A42B-D36CFABECA4D}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Pas de fichier
FirewallRules: [UDP Query User{A02BAB54-2012-496D-8D6E-C0C5F28FBF3C}D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe => Pas de fichier
FirewallRules: [TCP Query User{953433DF-831C-4F8A-B155-5E31D1FDFB4C}D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe => Pas de fichier
FirewallRules: [TCP Query User{C22F8B05-B3BC-4EB3-ADA1-9D6E6F974D03}D:\steamlibrary\steamapps\common\the first descendant steam beta\m1\binaries\win64\m1-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the first descendant steam beta\m1\binaries\win64\m1-win64-shipping.exe => Pas de fichier
FirewallRules: [UDP Query User{9F35B58E-E18A-4215-A67E-D4B83CB4D02E}D:\steamlibrary\steamapps\common\the first descendant steam beta\m1\binaries\win64\m1-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the first descendant steam beta\m1\binaries\win64\m1-win64-shipping.exe => Pas de fichier
FirewallRules: [TCP Query User{2ACE97FD-887F-41FF-B287-056C3E2AF892}D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => Pas de fichier
FirewallRules: [UDP Query User{96ECF714-3135-4394-A2E4-E35E50A5493C}D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) D:\steamlibrary\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe => Pas de fichier
StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableLUA"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"SmartScreenEnabled"="warm"
EndRegedit:
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableConfig] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2648383372-2216786804-1905716245-1001\...\Run: [GalaxyClient] => [X]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {13291D32-A4F0-4FE0-B366-7B0602FC0A03} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Pas de fichier)
Task: {14EFB7BF-4944-4C19-8B28-B403976176DC} - System32\Tasks\AsrAPPShop => C:\Program Files (x86)\ASRock Utility\Auto Driver Installer\AsrAPPShop.exe (Pas de fichier)
Task: {6E7AE7EB-62F7-41E9-96AF-02E0E01F97C1} - System32\Tasks\ar => wscript.exe "%appdata%\obs-studio\bin\64bit\.vbs" "%appdata%\obs-studio\bin\64bit\.cmd"
2022-11-18 20:40 - 2022-10-01 19:01 - 000000000 __SHD C:\Users\Antho\AppData\Roaming\obs-studio
Task: {74B79039-DC50-4858-B9F6-B1E3F9FD40D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Pas de fichier)
Task: {ADC91890-3725-4637-8273-BA53BD621B2D} - System32\Tasks\GPU Tweak III => C:\Program Files (x86)\ASUS\GPUTweakIII\GPU Tweak III.exe (Pas de fichier)
Task: {B048EDAB-61D4-4A44-B44B-3ED8DEA99E18} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\106.0.1370.34\Installer\setup.exe --handle-crash="$(ProcessPath)" (Pas de fichier)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Pas de fichier)
2022-11-11 18:06 - 2022-11-11 18:07 - 004860416 _____ C:\ProgramData\42530337471082026256.exe
2022-11-11 18:05 - 2022-11-11 18:06 - 055817880 _____ C:\ProgramData\90120203793879920164.exe
hosts:
emptytemp:
end::
