Posté le 2 janvier
Télécharger | Reposter | Largeur fixe

start::
systemrestore: on
closeprocesses:
createrestorepoint:
virustotal: C:\Users\Karbone\AppData\Roaming\PreMiD\PreMiD.exe
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
HKU\S-1-5-21-771896826-3377091728-3557458970-1001\...\StartupApproved\Run: => "Avast Browser"
HKLM\...\Policies\Explorer: [AllowOnlineTips] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [ShellSmartScreenLevel] Warn
HKLM\Software\Policies\...\system: [EnableSmartScreen] 1
HKU\S-1-5-21-771896826-3377091728-3557458970-1001\...\Run: [PreMiD] => C:\Users\Karbone\AppData\Roaming\PreMiD\PreMiD.exe [126285312 2021-02-21] (GitHub, Inc.) [Fichier non signé]
HKU\S-1-5-21-771896826-3377091728-3557458970-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-771896826-3377091728-3557458970-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-771896826-3377091728-3557458970-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-771896826-3377091728-3557458970-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-771896826-3377091728-3557458970-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-771896826-3377091728-3557458970-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {8143ccec-a679-4ade-a4c5-59f18b974b51} - pas de chemin du fichier. <==== ATTENTION
Task: {E87F1F2F-9DE8-431E-82AB-60EECDEBFE50} - \GoogleUpdateTaskMachineQC -> Pas de fichier <==== ATTENTION
Task: {ACF9A5D8-3F10-4273-B9B0-B7CC7D4F919E} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864AE} => C:\Program Files (x86)\east-tec Eraser\etEraser.exe (Pas de fichier)
Task: {A40103F7-F18E-41FD-B4AE-24FE4354B06E} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864BE} => C:\Program Files (x86)\east-tec Eraser\etUpdateMonitor.exe (Pas de fichier)
Task: {576AEED6-8443-46C3-A552-D26BD1BA159D} - System32\Tasks\AMDAutoUpdate => "C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe" (Pas de fichier)
Task: {D3844622-9C8C-492A-A430-120799108B6C} - System32\Tasks\ASC_PerformanceMonitor => "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task (Pas de fichier)
Task: {CBC61854-8D9F-4E5F-9453-6E0EB024F2D7} - System32\Tasks\ASC_SkipUac_Karbone => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac (Pas de fichier)
Task: {B7465D87-7F73-4825-ABA2-25B7454A0A33} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-771896826-3377091728-3557458970-1001 => C:\Users\Karbone\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly (Pas de fichier)
Task: {D67AC8F6-213B-4BBB-B0F0-4745D5E6763A} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-771896826-3377091728-3557458970-1001Core => C:\Users\Karbone\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (Pas de fichier)
Task: {0C6DF5D0-3ADA-4B51-A1B9-386C1E8D42C3} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-771896826-3377091728-3557458970-1001UA => C:\Users\Karbone\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {5523A057-A2F7-4352-8371-C158C607A05B} - System32\Tasks\Bloom Updater => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [493568 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy Bypass -WindowStyle Hidden -Command [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 $ErrorActionPreference = 'Stop' $spicePath = spicetify -c | Split-Path $themeFolder = Get-ChildItem -Path $spicePath\Themes\bloom $lastWriteTime = Get-Date -Da (l'élément de données a 502 caractères en plus).
Task: {D19B410B-08F9-4CB8-8E46-45504A91147E} - System32\Tasks\CCleanerSkipUAC - eokta => "D:\Windows Old\CCleaner\CCleaner64.exe" $(Arg0) (Pas de fichier)
Task: {D331BE44-6166-4839-97D6-59742291FE41} - System32\Tasks\G100 => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [493568 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> -WindowStyle Hidden -Command "Start-Process -WindowStyle hidden -FilePath \"C:\Users\Karbone\AppData\Local\Temp\g100.bat\" -ArgumentList \"111\"" <==== ATTENTION
Task: {56CB9840-845A-40DF-9123-322B56FF5737} - System32\Tasks\iTop Data Recovery SkipUAC (Karbone) => "C:\Program Files (x86)\iTop Data Recovery\iTopDataRecovery.exe" /skipUAC (Pas de fichier)
Task: {EB11C537-B96C-42A4-BA56-F45CEE47DC14} - System32\Tasks\iTop Data Recovery Update => "C:\Program Files (x86)\iTop Data Recovery\AutoUpdate.exe" /auto (Pas de fichier)
Task: {15556AED-FDF9-4718-99B0-C7A056036636} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-771896826-3377091728-3557458970-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CHR Extension: (PreMiD) - C:\Users\Karbone\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjnjboanicjcpenljmaaigopkgdnihi [2023-12-27] [UpdateUrl:hxxps://api.premid.app/firefox/updates] <==== ATTENTION
CHR HKU\S-1-5-21-771896826-3377091728-3557458970-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
hosts:
emptytemp:
end::

x
Éditer le texte

Merci d'entrer le mot de passe que vous avez indiqué à la création du texte.

x
Télécharger le texte

Merci de choisir le format du fichier à télécharger.