start:: systemrestore:...

Posté le 25 octobre
Télécharger | Reposter | Largeur fixe

start::
systemrestore: on
closeprocesses:
createrestorepoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {6A8B8B55-4F52-417E-9ABB-45066F283EE3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {8F71981A-C749-4146-9804-2545CBC90B5C} - System32\Tasks\App Explorer => C:\Users\ju\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7574560 2023-03-29] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {4F1EF196-AC16-4655-B8AE-6ADE23DA5605} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {6491382E-B6DA-4681-976E-825BAC92D439} - System32\Tasks\CareCenter\Discord.lnk_FolderAppdata_S-1-5-21-3098391577-2452194827-2269186165-1001 => C:\Users\ju\AppData\Local\Discord\Update.exe [1525016 2023-07-06] (Discord Inc. -> GitHub) -> --processStart Discord.exe <==== ATTENTION
Task: {C22EBA41-DC60-441F-8C26-CD5333DB37E2} - System32\Tasks\CareCenter\Discord_Reg_HKLMWow6432Run => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [68822328 2021-03-03] (Discord Inc. -> Discord Inc.) <==== ATTENTION
Task: {64B4280C-2EC3-4683-8109-8CAFB8A08BD0} - System32\Tasks\CareCenter\DiscordPTB_Reg_HKLMWow6432Run => C:\ProgramData\SquirrelMachineInstalls\DiscordPTB.exe [69740136 2021-03-03] (Discord Inc. -> Discord Inc.) <==== ATTENTION
Task: {988144CD-3C5F-4099-8460-5249630A385F} - System32\Tasks\CareCenter\iSkysoft Helper Compact.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Avast Online Security) -> EdgeExtension_51CA791EAvastOnlineSecurity_s1d0xtrs8dx04 => C:\Program Files\WindowsApps\51CA791E.AvastOnlineSecurity_19.4.444.0_neutral__s1d0xtrs8dx04 [2020-01-16]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Extension: (Avast Online Security & Privacy) - C:\Users\ju\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2022-11-17]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
C:\Users\ju\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKU\S-1-5-21-3098391577-2452194827-2269186165-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S3 IsAppService; C:\Program Files (x86)\Iskysoft\IAF\2.4.3.231\IsAppService.exe [493320 2017-10-19] (Shenzhen Yi Xing Investment Co., Ltd. -> Iskysoft)
S2 asrrealtimesrv; C:\Program Files (x86)\Advanced System Repair Pro 1.9.9.3.0\asrrealtimesrv.exe [X]
S3 GridinSoftInetSecurityDriver; C:\WINDOWS\system32\DRIVERS\gsInetSecurity.sys [107784 2023-10-11] (GridinSoft, LLC -> GridinSoft LLC)
2023-10-25 01:56 - 2023-10-25 01:56 - 000001125 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2023-10-25 01:55 - 2023-10-25 01:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2023-10-25 01:55 - 2023-10-25 01:55 - 000000000 ____D C:\ProgramData\GridinSoft
2023-10-25 01:55 - 2023-10-25 01:55 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2023-10-25 01:54 - 2023-10-25 01:54 - 000905704 _____ (Gridinsoft LLC) C:\Users\ju\Downloads\gsam-fr-install.exe
2023-10-25 01:48 - 2023-10-25 01:48 - 000000000 _____ C:\Users\ju\Downloads\kprm-1.22-installer.exe
2023-10-25 01:47 - 2023-10-25 01:47 - 001767520 _____ ( ) C:\Users\ju\Downloads\kprm-1.22-installer_HCy-cA1.exe
2023-10-25 01:44 - 2023-10-25 01:44 - 005200296 _____ (kernel-panik) C:\Users\ju\Downloads\kprm_1.9.exe
2023-10-24 21:50 - 2023-10-24 21:50 - 000084884 _____ C:\ProgramData\agent.uninstall.1698177004.bdinstall.v2.bin
2023-10-24 21:49 - 2023-10-24 21:49 - 000458508 _____ C:\ProgramData\cl.uninstall.1698176932.bdinstall.v2.bin
2023-10-24 21:36 - 2023-10-24 21:36 - 000700928 _____ C:\ProgramData\cl.1698175969.bdinstall.v2.bin
2023-10-24 21:36 - 2023-10-24 21:36 - 000120376 _____ C:\ProgramData\cl.kit.1698175945.bdinstall.v2.bin
2023-10-24 21:36 - 2023-10-24 21:36 - 000000000 ____D C:\ProgramData\Gemma
2023-10-24 21:36 - 2023-10-24 21:36 - 000000000 ____D C:\ProgramData\Atc
2023-10-24 21:36 - 2023-10-24 21:36 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2023-10-24 21:35 - 2023-10-24 21:36 - 000000000 ____D C:\ProgramData\BDLogging
2023-10-24 21:35 - 2023-10-24 21:35 - 000000000 ____D C:\WINDOWS\system32\elambkup
2023-10-24 21:34 - 2023-10-24 21:34 - 000000000 ____D C:\Users\ju\AppData\Roaming\Bitdefender Security App
2023-10-24 21:33 - 2023-10-24 21:49 - 000000000 ____D C:\ProgramData\Bitdefender
2023-10-24 21:27 - 2023-10-24 21:27 - 000144028 _____ C:\ProgramData\agent.1698175625.bdinstall.v2.bin
2023-10-24 21:27 - 2023-10-24 21:27 - 000000000 ____D C:\Users\ju\AppData\Local\Bitdefender
2023-10-24 21:27 - 2023-10-24 21:27 - 000000000 ____D C:\ProgramData\Bitdefender Agent
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Pas de fichier
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Pas de fichier
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers4: [Gridinsoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2023-10-12] (GRIDINSOFT, TOV -> Gridinsoft LLC)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers6: [Gridinsoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2023-10-12] (GRIDINSOFT, TOV -> Gridinsoft LLC)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier
SearchScopes: HKU\S-1-5-21-3098391577-2452194827-2269186165-1001 -> DefaultScope {11935F4E-1A04-48AC-A819-97027ADA3D9D} URL =
SearchScopes: HKU\S-1-5-21-3098391577-2452194827-2269186165-1001 -> {11935F4E-1A04-48AC-A819-97027ADA3D9D} URL =
cmd: netsh advfirewall reset
cmd: sfc /scannow
emptytemp:
end::