Publicité
Publicité
Format du document : text/plain
Prévisualisation
CreateRestorePoint:
CloseProcesses:
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
S3 ardrv; C:\Users\Admin\AppData\Local\Temp\ardrv.sys [17224 2022-01-30] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
S3 MBAMSwissArmy; C:\windows\system32\drivers\mbamswissarmy.sys [40776 2022-01-29] (Malwarebytes Corporation -> Malwarebytes Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-25]
2022-01-29 14:00 - 2022-01-29 14:00 - 000040776 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamswissarmy.sys
2022-01-30 12:09 - 2014-03-03 10:51 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-30 12:00 - 2017-01-25 14:31 - 000000000 ____D C:\Program Files\PRO PC Cleaner
2022-01-28 00:09 - 2009-07-26 02:49 - 000732294 _____ C:\windows\system32\perfh010.dat
2022-01-28 00:09 - 2009-07-26 02:49 - 000146900 _____ C:\windows\system32\perfc010.dat
2022-01-28 00:09 - 2009-07-26 02:39 - 000735746 _____ C:\windows\system32\perfh013.dat
2022-01-28 00:09 - 2009-07-26 02:39 - 000153156 _____ C:\windows\system32\perfc013.dat
2022-01-28 00:09 - 2009-07-26 02:18 - 000748014 _____ C:\windows\system32\perfh00C.dat
2022-01-28 00:09 - 2009-07-26 02:18 - 000150248 _____ C:\windows\system32\perfc00C.dat
2022-01-27 23:52 - 2017-01-25 14:40 - 000003104 _____ C:\windows\system32\Tasks\WinZip Malware Protector_startup
2022-01-28 00:19 - 2022-01-28 00:19 - 000000000 ____D C:\Program Files\Common Files\avast software
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.53.64 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKU\S-1-5-21-2121030196-2014010115-4068463178-1000 -> Pas de nom - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Pas de fichier
MSCONFIG\startupreg: WebBar Toolbar => C:\Program Files\WebBarMedia\5.5.5995.17222\winwb.exe
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
CMD: cscript %windir%\System32\slmgr.vbs /dli
c:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
EmptyTemp:
CloseProcesses:
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
S3 ardrv; C:\Users\Admin\AppData\Local\Temp\ardrv.sys [17224 2022-01-30] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
S3 MBAMSwissArmy; C:\windows\system32\drivers\mbamswissarmy.sys [40776 2022-01-29] (Malwarebytes Corporation -> Malwarebytes Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR Extension: (Avast SafePrice) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-01-25]
2022-01-29 14:00 - 2022-01-29 14:00 - 000040776 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamswissarmy.sys
2022-01-30 12:09 - 2014-03-03 10:51 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-30 12:00 - 2017-01-25 14:31 - 000000000 ____D C:\Program Files\PRO PC Cleaner
2022-01-28 00:09 - 2009-07-26 02:49 - 000732294 _____ C:\windows\system32\perfh010.dat
2022-01-28 00:09 - 2009-07-26 02:49 - 000146900 _____ C:\windows\system32\perfc010.dat
2022-01-28 00:09 - 2009-07-26 02:39 - 000735746 _____ C:\windows\system32\perfh013.dat
2022-01-28 00:09 - 2009-07-26 02:39 - 000153156 _____ C:\windows\system32\perfc013.dat
2022-01-28 00:09 - 2009-07-26 02:18 - 000748014 _____ C:\windows\system32\perfh00C.dat
2022-01-28 00:09 - 2009-07-26 02:18 - 000150248 _____ C:\windows\system32\perfc00C.dat
2022-01-27 23:52 - 2017-01-25 14:40 - 000003104 _____ C:\windows\system32\Tasks\WinZip Malware Protector_startup
2022-01-28 00:19 - 2022-01-28 00:19 - 000000000 ____D C:\Program Files\Common Files\avast software
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.53.64 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
Toolbar: HKU\S-1-5-21-2121030196-2014010115-4068463178-1000 -> Pas de nom - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Pas de fichier
MSCONFIG\startupreg: WebBar Toolbar => C:\Program Files\WebBarMedia\5.5.5995.17222\winwb.exe
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
CMD: cscript %windir%\System32\slmgr.vbs /dli
c:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
EmptyTemp: