Hi again
Run Farbar
Copy the following lines in the red box
start::
CloseProcesses:
CreateRestorePoint:
Hosts:
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [5114880 2022-05-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {11BA83F5-E3BA-4A35-80F2-041129A0F17F} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Pas de fichier <==== ATTENTION
Task: {2625FF26-0953-44A0-A8EB-FCE01526EA75} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Pas de fichier <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
SearchScopes: HKU\S-1-5-21-3754769428-2505807691-2846245118-1001 -> {783A3124-E713-4EE5-88F3-3A141CC127E3} URL =
SearchScopes: HKU\S-1-5-21-3754769428-2505807691-2846245118-1001 -> {A6AAF70C-D4DD-4F57-A3D2-C2C85ADF36A3} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3754769428-2505807691-2846245118-500 -> DefaultScope {783A3124-E713-4EE5-88F3-3A141CC127E3} URL =
SearchScopes: HKU\S-1-5-21-3754769428-2505807691-2846245118-500 -> {783A3124-E713-4EE5-88F3-3A141CC127E3} URL =
SearchScopes: HKU\S-1-5-21-3754769428-2505807691-2846245118-500 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Pas de nom -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> Pas de fichier
BHO: Pas de nom -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Pas de fichier
Toolbar: HKU\S-1-5-21-3754769428-2505807691-2846245118-1001 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-3754769428-2505807691-2846245118-500 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
StartRegedit:
Windows Registry Editor Version 5.00
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
@=""
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
@=""
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
EndRegedit:
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|QuickTime Task
DeleteKey: HKLM\SOFTWARE\c62032b2-0bca-5abc-b458-fd67cfc9e49b
EmptyTemp:
cmd: dism.exe /online /cleanup-image /restorehealth
cmd: sfc /scannow
end::
Run the fix and host the fixlog report
See you later