start:: CreateRestorePoint: CloseProcesses:...

Posté le 18 septembre 2019
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4038688 2019-07-19]
Task: {333EDE83-3117-4FB7-A2C9-8123698D195F} - System32\Tasks\pecokukot\{3BE6C5CD-8FDF-1D77-769F-1ADC783BAC59} => C:\Users\GUERRA~1\AppData\Local\PECEME~1\PECOKU~1.EXE
Task: {4901B38C-2C21-4291-B3C6-E81678FD81BE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757472 2019-09-04]
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=
SearchScopes: HKLM -> DefaultScope {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM-x32 -> DefaultScope {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> DefaultScope {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {8A325BFC-729B-49F3-A04E-14FBA5BBE286} URL =
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=
Edge HomeButtonPage: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535360 2019-09-04]
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07]
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20]
U3 aswbdisk; pas de ImagePath
2019-09-14 18:36 - 2019-09-14 18:36 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\GUERRA Dominique\Downloads\iExplore.exe
2019-09-02 20:06 - 2019-09-18 13:29 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\{0BE43DB8-2F4C-5100-42D4-74E866BC8870}
2019-09-02 20:04 - 2019-09-18 13:16 - 000000000 ____D C:\ProgramData\Segurazo
2019-09-02 20:04 - 2019-09-18 13:16 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-09-18 13:29 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-09-18 13:29 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Avira
2019-09-18 13:29 - 2019-06-17 09:26 - 000000000 ____D C:\Program Files (x86)\Avira
2019-09-18 13:29 - 2016-02-26 15:31 - 000000000 ____D C:\Program Files (x86)\Amazon
2019-09-18 13:29 - 2015-07-16 06:15 - 000000000 ____D C:\Program Files\AVAST Software
2019-09-13 15:01 - 2019-07-20 12:49 - 000002566 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2019-09-04 11:21 - 2019-07-19 19:34 - 000203440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-09-04 11:21 - 2019-07-19 19:34 - 000195648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
Amazon Assistant (HKLM-x32\...\{42FA793A-4E94-4FA3-A638-9B4B6B1D6A25}) (Version: 10.18.0221 - Amazon)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
EmptyTemp:
cmd: sfc /scannow
end::