Edited on March 10, 2023

start::
closeprocesses:
createrestorepoint:
virustotal: C:\Users\Enzon\AppData\Local\Salve.exe
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
AlternateDataStreams: C:\Windows\System32:tdsrinu.gfc [5882]
FirewallRules: [{789263BB-1A78-4945-9E52-A0B565FEE0C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yu-Gi-Oh! Master Duel\masterduel.exe => Pas de fichier
FirewallRules: [{5500BEE2-B117-4C4F-9B19-600B9662FA55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yu-Gi-Oh! Master Duel\masterduel.exe => Pas de fichier
FirewallRules: [{55C7DCE8-DD10-45F4-90B6-BE51F651317A}] => (Allow) D:\SteamLibrary\steamapps\common\pCars\pCARS64.exe => Pas de fichier
FirewallRules: [{819E2533-FB4D-4207-884F-21882D1442C0}] => (Allow) D:\SteamLibrary\steamapps\common\pCars\pCARS64.exe => Pas de fichier
FirewallRules: [{D8C79295-D6AC-4493-81B4-7934790F9662}] => (Allow) D:\SteamLibrary\steamapps\common\Steep\steep.exe => Pas de fichier
FirewallRules: [{CF922646-5301-4197-9ED9-BAB233DE4669}] => (Allow) D:\SteamLibrary\steamapps\common\Steep\steep.exe => Pas de fichier
FirewallRules: [{5AD2885D-DF42-4227-9F9B-DADD99EDA803}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe => Pas de fichier
FirewallRules: [{664F4B2D-4D4D-4D1E-A175-0397F503CC37}] => (Allow) D:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe => Pas de fichier
FirewallRules: [{B8086E21-E67F-42A3-ABD0-3AC9F092D960}] => (Allow) D:\SteamLibrary\steamapps\common\Yu-Gi-Oh! Master Duel\masterduel.exe => Pas de fichier
FirewallRules: [{E42CF9AF-EF86-4AA5-BA68-BBE856E4F811}] => (Allow) D:\SteamLibrary\steamapps\common\Yu-Gi-Oh! Master Duel\masterduel.exe => Pas de fichier
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1206058686-1462481517-1855006504-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {100C4111-D077-4A4F-A482-040C15B76CAB} - System32\Tasks\ph9d7j\l14v5c\yhl7j1\6sw5ms\r3s5cl\h36mc9\s6hev8\nlq4nw\la0oov\3k2xnn\t1yetr\mk0701\0kax79\pi96rf\n4tboz\jx29nk\krxyfo => C:\Users\Enzon\AppData\Local\philanthropists.exe (Pas de fichier) <==== ATTENTION
Task: {45C97C8E-64FD-4C3E-B15E-8A0F175558A1} - System32\Tasks\6wfjaj\vcfmhu\adojgh\f6cchb\2g06ot\2hnfrc\gaqfe5\vxbl61\2orqw9\itdhjp\086arl\19mf0z\oorcyo\yo42bb\z5x30h\47jpd1\59xsr8 => C:\Users\Enzon\AppData\Local\Salve.exe "tgbnhyhtgbnhyttgbnhyttgbnhyptgbnhy:tgbnhy/tgbnhy/tgbnhywtgbnhywtgbnhywtgbnhy.tgbnhyftgbnhyotgbnhyntgbnhyttgbnhyetgbnhyntgbnhyotgbnhyttgbnhystgbnhyutgbnhy.tgbnhyctgbnhyotgbnhymtgbnhy/tgbnhyr2jp0jp2jptgbnhy2jp0p3p0r9tgbnhyrjpasp4WqttgbnhyXZ9T6soTT5tgbnhyeJwcD3" (Pas de fichier) <==== ATTENTION
Task: {A38CF241-8C2E-40DC-99F2-C16B6DE5FD15} - System32\Tasks\pmvk5v\dc6ity\8awzt8\7g8740\57s9va\2socn5\d9dcay\ydm4mj\gaj141\t8v7nl\2tjnx7\auokl6\87xl3z\9jmohv\r2uzp0\tybmet\xmh4v3 => C:\Users\Enzon\AppData\Local\bayan.exe "tgbnhyhtgbnhyttgbnhyttgbnhyptgbnhy:tgbnhy/tgbnhy/tgbnhywtgbnhywtgbnhywtgbnhy.tgbnhyftgbnhyotgbnhyntgbnhyttgbnhyetgbnhyntgbnhyotgbnhyttgbnhystgbnhyutgbnhy.tgbnhyctgbnhyotgbnhymtgbnhy/tgbnhyr2jp0jp2jptgbnhy2jp0p3p0r9tgbnhyrjpasp4WqttgbnhyXZ9T6soTT5tgbnhyeJwcD3" (Pas de fichier) <==== ATTENTION
C:\Users\Enzon\AppData\Local\Salve.exe
Task: {A4379503-74BB-40AB-B225-B113745565A5} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTasknS61dzAN => powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\Windows\System32\55940E7D-1916-4598-8E14-ED2EA6D6C700.ps1" <==== ATTENTION
Task: {B70512CE-BB07-4D98-8D37-E0F22C3E67D7} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray (Pas de fichier)
C:\Program Files (x86)\Wise
Task: {B871E170-3D38-4EAF-9887-1659931E46A9} - System32\Tasks\vq45fy\t7ibkt\uuwyim\zaxgwi\5ohu70\nsygf7\05spki\f0cug3\qb1dra\qlv93p\lej2pn\mbeyce\y9w9z5\7rtt1h\u5nm0s\vji82z\s0px8m => C:\Users\Enzon\AppData\Local\Chichi.exe "tgbnhyhtgbnhyttgbnhyttgbnhyptgbnhy:tgbnhy/tgbnhy/tgbnhywtgbnhywtgbnhywtgbnhy.tgbnhyftgbnhyotgbnhyntgbnhyttgbnhyetgbnhyntgbnhyotgbnhyttgbnhystgbnhyutgbnhy.tgbnhyctgbnhyotgbnhymtgbnhy/tgbnhyr2jp0jp2jptgbnhy2jp0p3p0r9tgbnhyrjpasp4WqttgbnhyXZ9T6soTT5tgbnhyeJwcD3" (Pas de fichier) <==== ATTENTION
Task: {E60A6CDC-0A4C-428E-82BB-5F0AA232A72E} - System32\Tasks\Microsoft\Windows\Registry\09F3p16508A => wscript.exe C:\Windows\System32\3Gv8pn8G.js /b <==== ATTENTION
Task: {E7A057FD-5976-4469-82B4-5E41075996F5} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.dailymercato.com; hxxps://www.e.leclerc; hxxps://www10.orvilleandrea.pro; hxxps://www61.nathanaeldan.pro
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
S2 WiseBootAssistant; C:\Programmes portable\[FTUApps.com] - Wise Care 365 Pro v6.3.3.611 Multilingual Portable\App\WiseCare365\BootTime.exe [X]
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2022-11-06] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
2023-02-22 11:45 - 2023-02-22 11:45 - 000028985 _____ C:\Windows\system32\3Gv8pn8G.js
hosts:
emptytemp:
end::
