Posté le 14 mai
Télécharger | Reposter | Largeur fixe

start::
closeprocesses:
createrestorepoint:
virustotal: C:\WINDOWS\nl.exe
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: IObit Malware Fighter (Disabled - Out of date) {72254378-B0F2-858E-E23B-921FCAC3D529}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8240]
AlternateDataStreams: C:\Users\Quentin\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Quentin\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\Software\Classes\.cmd: => <==== ATTENTION
IE trusted site: HKU\S-1-5-21-2498783253-1508921673-2001930895-1007\...\webcompanion.com -> hxxp://webcompanion.com
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\...\Run: [Uranium] => C:\Program Files (x86)\Uranium Backup\Uranium.exe reg (Pas de fichier)
HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\...\Run: [AdobeBridge] => [X]
Startup: C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2023-03-04]
ShortcutTarget: DeepL auto-start.lnk -> (Pas de fichier)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {499A48CE-2BB1-4BA7-95CC-C754E744F9DB} - System32\Tasks\Microsoft\Windows\orangeinside => C:\Users\Quentin\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe [1967856 2022-08-17] (Orange -> Orange)
Task: {768D527D-D443-4C2D-8609-0B0AA91F04C0} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Install => C:\Program Files (x86)\Orange Update\install.bat [0 2022-09-08] () <==== ATTENTION [zéro octet Fichier/Dossier] <==== ATTENTION
Task: {E801FE39-9867-4C3B-B86D-E0F6E9483C3A} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(1): Net -> stop "Orange Update Core Service"
Task: {E801FE39-9867-4C3B-B86D-E0F6E9483C3A} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(2): Net -> start "Orange Update Core Service"
CHR HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
CHR HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk]
CHR HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmbopdiikkamfphhgcckcjhojnokgfeo]
CHR HKU\S-1-5-21-2498783253-1508921673-2001930895-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [onghofjobpgcdeeifjfbcfepkchnenoh]
S3 Orange Update Core Service; C:\Program Files (x86)\Orange Update\OUService.exe [184056 2022-11-23] (Orange -> Orange)
S3 Imf8HpRegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [X]
S3 IMFEFSFileControl; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [X]
S3 ImfHpFileFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [X]
C:\Program Files (x86)\IObit
2023-05-09 22:10 - 2023-05-14 17:19 - 000000000 ____D C:\Program Files (x86)\IObit
2023-05-09 22:10 - 2023-05-14 17:18 - 000000000 ____D C:\Users\Quentin\AppData\Roaming\IObit
2023-05-09 22:10 - 2023-05-14 17:18 - 000000000 ____D C:\ProgramData\ProductData
2023-05-09 22:10 - 2023-05-14 17:17 - 000000000 ____D C:\Users\Quentin\AppData\LocalLow\IObit
2023-05-09 22:10 - 2023-05-14 17:17 - 000000000 ____D C:\ProgramData\IObit
2023-05-09 22:11 - 2023-02-10 01:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
cmd: netsh advfirewall reset
cmd: sfc /scannow
emptytemp:
end::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.