Posted on April 25

start::
closeprocesses:
createrestorepoint:
virustotal: C:\Program Files\Canon\IJ Manual\G2010 series\French\uninst.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {01A65E8C-C403-4E8B-8E08-D6EAA3CDA6A2} - System32\Tasks\ActivationRule => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {253270C8-1363-45E4-8513-55877044C9C6} - System32\Tasks\SettingSysHost\SettingSysHostServices_bk146 => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {3FA8B55B-8D6D-4C8A-BBDE-A14466F5A0B8} - System32\Tasks\WmiPrvSE => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {581510CA-5F0B-494E-AF3A-E9DC1FF2DF80} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Warning (Pas de fichier)
Task: {583C09D6-8F70-4BEF-BDE9-470410D9035E} - \Opera scheduled assistant Autoupdate 1607063279 -> Pas de fichier <==== ATTENTION
Task: {5FE5AB22-2D8E-47D7-B2AB-3DF7D690BEF5} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Disable (Pas de fichier)
Task: {7503B36D-2563-47E0-9C3B-5A93555BD4FC} - System32\Tasks\AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk850 => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {8CF38AFD-B4FB-4AF8-B31D-A65CE4982B06} - System32\Tasks\WindowsDefender => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {95493284-5C51-482F-90A9-960071FB1122} - System32\Tasks\Agent Activation Runtime\Agent Activation RuntimeServices_bk392 => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {A5FCA66F-3598-4DDE-8E97-43D94A76871D} - System32\Tasks\MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk420 => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {B30CEEA7-444A-46A7-B2E7-E91152517AB7} - System32\Tasks\MicrosoftEdgeUpd => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {B5D896EE-4289-4BD9-8D7E-F961FF8C1791} - System32\Tasks\OneDriveService => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {BBD3C8CE-E863-4709-88F5-3AB9E177612E} - System32\Tasks\WindowsDefenderServices\WindowsDefenderServicesServices_bk912 => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {C3A218AE-1FCC-4C66-B679-127509A32993} - System32\Tasks\AntiMalwareServiceExecutable => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {C44E5ECA-3D56-4512-8957-E9497EFA6409} - System32\Tasks\NvStray => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {C4A4FBD5-6679-4509-AF4D-5A885425199C} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {C81A92F3-6E69-4602-8BAF-921EE4A95FEC} - System32\Tasks\SecurityHealthSystray => C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe (Pas de fichier) <==== ATTENTION
Task: {F5A73371-ACBA-4F63-8959-6ACFCDDF1D30} - System32\Tasks\ActivationRuntime => C:\ProgramData\RuntimeBrokerData\RegSvc.exe (Pas de fichier)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
2023-04-19 15:12 - 2023-04-19 15:12 - 000000000 ____D C:\Users\DELL02\Documents\TotalAV
2023-04-19 14:58 - 2023-04-19 14:58 - 000000000 ____D C:\ProgramData\SecuritySuite
2023-04-19 14:57 - 2023-04-19 14:57 - 000000000 ____D C:\Users\DELL02\AppData\Local\GUI
2023-04-19 14:54 - 2023-04-19 14:55 - 057278304 _____ C:\Users\DELL02\Documents\TotalAV.exe
2023-04-19 13:58 - 2023-04-19 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2023-04-19 13:57 - 2023-04-19 13:57 - 000000000 ____D C:\ProgramData\GridinSoft
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
IE trusted site: HKU\S-1-5-21-2216554249-1577353049-3809876043-1001\...\webcompanion.com -> hxxp://webcompanion.com
C:\Paint
C:\autorun.inf
hosts:
cmd: netsh advfirewall reset
emptytemp:
end::
