Posted on 24 April

start::
closeprocesses:
createrestorepoint:
virustotal: C:\Windows\System32\wbem\WmiPrvSE.exe
CustomCLSID: HKU\S-1-5-21-4293708715-4276633199-947103255-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\matti\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4293708715-4276633199-947103255-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\matti\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Pas de fichier
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
IE trusted site: HKU\S-1-5-21-4293708715-4276633199-947103255-1001\...\sharepoint.com -> hxxps://etuunivlyon1fr-files.sharepoint.com
HKLM\...\StartupApproved\Run32: => "SDTray"
MSCONFIG\Services: Wondershare InstallAssist => 2
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [4481432 2023-04-20] (Avast Software s.r.o. -> AVAST Software)
C:\Program Files\Avast Software
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {02784CA4-80BE-4318-8120-AC6FDFA8DB38} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [5029784 2023-04-20] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cleanup\log" --guid 88339c5d-0aed-4ff9-a4cd-a88c3d0a01ea
Task: {165E5125-2F7C-4579-B92A-99539CB137AF} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [26781928 2023-04-17] (GRIDINSOFT, TOV -> Gridinsoft LLC)
Task: {2DF1C32E-7A83-4D7E-AE76-567914A3D832} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5751664 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {95DE6A1E-D67E-40D1-8FCF-A91376F4DE3D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6191000 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
C:\Program Files (x86)\Spybot - Search & Destroy 2
Task: {982B5BD0-025A-466A-B8C3-8DD93B4B55E1} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Pas de fichier)
Task: {C3A944D7-B92E-4389-9DA9-B45ACD534FA9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4829904 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {C4AA6D05-B956-409F-BB1F-B296636A2473} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7092120 2023-04-12] (Avast Software s.r.o. -> Avast Software)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jlhmfgmfgeifomenelglieieghnjghma]
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Addins\SocialApps\DriverInstall.exe [X]
S4 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [0 2023-04-20] () <==== ATTENTION [zéro octet Fichier/Dossier]
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [17396632 2023-04-20] (Avast Software s.r.o. -> AVAST Software)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 GridinSoftInetSecurityDriver; C:\WINDOWS\system32\DRIVERS\gsInetSecurity.sys [107784 2023-04-03] (GridinSoft, LLC -> GridinSoft LLC)
2023-04-20 18:19 - 2023-04-20 18:19 - 000002208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2023-04-20 18:19 - 2023-04-20 18:19 - 000002196 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2023-04-20 18:19 - 2023-04-20 18:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-04-20 18:19 - 2023-04-20 18:19 - 000000000 ____D C:\Users\matti\AppData\Roaming\Avast Software
2023-04-20 18:18 - 2023-04-24 19:02 - 000000000 ____D C:\ProgramData\Avast Software
2023-04-20 18:18 - 2023-04-20 18:18 - 000040344 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2023-04-20 18:18 - 2023-04-20 18:18 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-04-20 18:18 - 2023-04-20 18:18 - 000000000 ____D C:\Program Files\Avast Software
2023-04-20 17:40 - 2023-04-20 17:40 - 000000000 ____D C:\Users\matti\Downloads\x64
2023-04-20 12:35 - 2023-04-20 12:37 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2023-04-20 12:35 - 2023-04-20 12:35 - 000001431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2023-04-20 12:35 - 2023-04-20 12:35 - 000001419 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2023-04-20 12:35 - 2023-04-20 12:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2023-04-20 12:35 - 2023-04-20 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2023-04-20 12:35 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2023-04-20 12:34 - 2023-04-20 18:20 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2023-04-20 10:50 - 2023-04-20 10:50 - 000003342 _____ C:\WINDOWS\system32\Tasks\GridinSoft Anti-Malware
2023-04-20 10:50 - 2023-04-20 10:50 - 000001128 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2023-04-20 10:49 - 2023-04-20 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2023-04-20 10:49 - 2023-04-20 10:49 - 000000000 ____D C:\ProgramData\GridinSoft
2023-04-20 10:49 - 2023-04-20 10:49 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2023-04-20 18:24 - 2022-04-12 10:01 - 000001548 _____ C:\Users\matti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-04-20 18:24 - 2022-04-12 10:01 - 000001442 _____ C:\Users\matti\Desktop\ESET Online Scanner.lnk
cmd: netsh advfirewall reset
emptytemp:
end::
