start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
Task: C:\WINDOWS\Tasks\New Task.job => TpShUI exetWORKGROUP DESKTOP FO8880J /
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
CHR HKLM\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2329423879-699262184-2287041894-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd] - hxxps://clients2.google.com/service/update2/crx
unlock:C:\Program Files (x86)\Segurazo\SegurazoIC.exe
C:\Program Files (x86)\Segurazo\SegurazoIC.exe
unlock:C:\Program Files (x86)\Segurazo\SegurazoService.exe
C:\Program Files (x86)\Segurazo\SegurazoService.exe
unlock:C:\Program Files (x86)\Segurazo\SegurazoKD.sys
C:\Program Files (x86)\Segurazo\SegurazoKD.sys
2019-09-05 12:41 - 2019-09-05 12:41 - 000000000 ____D C:\Users\Actif\AppData\Roaming\segurazoclient
2019-09-05 12:40 - 2019-09-08 20:48 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-09-05 12:40 - 2019-09-05 12:40 - 000000000 ____D C:\ProgramData\Segurazo
2019-09-05 12:40 - 2019-09-05 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
cmd: ipconfig /flushdns
end::