Start:: CreateRestorePoint: CloseProcesses: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction HKU\S-1-5-21-203050911-607489312-4017213877-1001\...\Run: [Chromium] => c:\users\ssbbd\appdata\local\chromium\application\chrome.exe [4195328 2017-10-07] (The Chromium Authors) [Fichier non signé] FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyzztBzz0AyCtB0CyE0F0A0C0F0DyEtDtN0D0Tzu0StBzzyBzztN1L2XzuyEtFyDyBtFtDtFyByDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyByB0Czy0Dzz0BtCtGtB0EtDtCtG0Bzy0AyEtGyB0E0DzztGtA0CzytCyC0EtDyEyByC0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytD1RzzyEtA1TtG1R1RyEtCtGyEyE1T1QtG1T1QzytAtG1StC1Tzz1PtD1OtDzztC1PyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByEtDyBzytDtAzy%26cr%3D1972221719%26a%3Dwsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome HKU\S-1-5-21-203050911-607489312-4017213877-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m004719¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQpmQ9eSnoR7sPMIdCjo36FCNoziJyJH2eN8CHSUXo%2BlQVyDPQr7oRgb7lKiGiBB4vwca62wycIVGyHVj3SB8xHm2KSgQ87xp6R%2BmUbAKuQvt2rWF2lKW%2F99ekd7d6anXvvWmw4zLskXKT8vPXEV47objX3vwOIc0gxu1i6SZPS2T4fhgPOdzTtwj%2F54xPDL7rQBrSZaHJGz3mfVZHBYYn5nQ72giNyLFb4l3He7ShUoaTlbVoqSvR3K2H8UeBz9iVqD%2B6ZaekwPOjk1wxkmyqeEaycRvoTpFrLXmV8euG30fz%2BlUY6Sz4uVO6eSnTk30Vt58IMJ3POMhnpVuCGA%2Fg5w%3D%3D SearchScopes: HKLM -> DefaultScope {38A5FEDD-B696-4394-B4F6-9D5D5C42D66C} URL = 
hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyzztBzz0AyCtB0CyE0F0A0C0F0DyEtDtN0D0Tzu0StBzzyBzztN1L2XzuyEtFyDyBtFtDtFyByDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyByB0Czy0Dzz0BtCtGtB0EtDtCtG0Bzy0AyEtGyB0E0DzztGtA0CzytCyC0EtDyEyByC0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytD1RzzyEtA1TtG1R1RyEtCtGyEyE1T1QtG1T1QzytAtG1StC1Tzz1PtD1OtDzztC1PyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByEtDyBzytDtAzy%26cr%3D1972221719%26a%3Dwsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM -> {38A5FEDD-B696-4394-B4F6-9D5D5C42D66C} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyzztBzz0AyCtB0CyE0F0A0C0F0DyEtDtN0D0Tzu0StBzzyBzztN1L2XzuyEtFyDyBtFtDtFyByDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyByB0Czy0Dzz0BtCtGtB0EtDtCtG0Bzy0AyEtGyB0E0DzztGtA0CzytCyC0EtDyEyByC0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytD1RzzyEtA1TtG1R1RyEtCtGyEyE1T1QtG1T1QzytAtG1StC1Tzz1PtD1OtDzztC1PyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByEtDyBzytDtAzy%26cr%3D1972221719%26a%3Dwsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {38A5FEDD-B696-4394-B4F6-9D5D5C42D66C} URL = 
hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyzztBzz0AyCtB0CyE0F0A0C0F0DyEtDtN0D0Tzu0StBzzyBzztN1L2XzuyEtFyDyBtFtDtFyByDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyByB0Czy0Dzz0BtCtGtB0EtDtCtG0Bzy0AyEtGyB0E0DzztGtA0CzytCyC0EtDyEyByC0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytD1RzzyEtA1TtG1R1RyEtCtGyEyE1T1QtG1T1QzytAtG1StC1Tzz1PtD1OtDzztC1PyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByEtDyBzytDtAzy%26cr%3D1972221719%26a%3Dwsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> {38A5FEDD-B696-4394-B4F6-9D5D5C42D66C} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyzztBzz0AyCtB0CyE0F0A0C0F0DyEtDtN0D0Tzu0StBzzyBzztN1L2XzuyEtFyDyBtFtDtFyByDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyByB0Czy0Dzz0BtCtGtB0EtDtCtG0Bzy0AyEtGyB0E0DzztGtA0CzytCyC0EtDyEyByC0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytD1RzzyEtA1TtG1R1RyEtCtGyEyE1T1QtG1T1QzytAtG1StC1Tzz1PtD1OtDzztC1PyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByEtDyBzytDtAzy%26cr%3D1972221719%26a%3Dwsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-203050911-607489312-4017213877-1001 -> DefaultScope {38A5FEDD-B696-4394-B4F6-9D5D5C42D66C} URL = 
hxxps://fr.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m004719¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQpmQ9eSnoR7sPMIdCjo36FCWtF9eTgFN9B7sUOejn9cqtH6i3ROAVaWoo6%2FT2LETUkojCZy5Jdo33rXlYZelRxBe6MyDBn7j8YQGhWHmuVW3hmI%2BLdXIx2Brfq7arse4XceHeQhAYUtDIRGyOnxje6aexw4wz%2B8EEZ23t6%2BKEOjAXkJ0LdEufvwWgda7RraepM1b1vRj8O76MnhMpqxsdfbhlUpn6EWd8WXWeMbe78al5kzN%2FXkkBMwZ4ZV66CFTasc0x4Xwf%2F1cFkSAwC4vElpGdE7WMuKCN2F%2B6yDsEIaahxA7MSTYVfNaDAfq0fwMXYedQ0B43mbMa69TWn%2BEA1g%3D%3D&p={searchTerms} SearchScopes: HKU\S-1-5-21-203050911-607489312-4017213877-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyzztBzz0AyCtB0CyE0F0A0C0F0DyEtDtN0D0Tzu0StBzzyBzztN1L2XzuyEtFyDyBtFtDtFyByDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyByB0Czy0Dzz0BtCtGtB0EtDtCtG0Bzy0AyEtGyB0E0DzztGtA0CzytCyC0EtDyEyByC0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzzytD1RzzyEtA1TtG1R1RyEtCtGyEyE1T1QtG1T1QzytAtG1StC1Tzz1PtD1OtDzztC1PyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyByEtDyBzytDtAzy%26cr%3D1972221719%26a%3Dwsg_aeuhewiom1bdfhjlntz65m_19_47_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-203050911-607489312-4017213877-1001 -> {38A5FEDD-B696-4394-B4F6-9D5D5C42D66C} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m004719¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQpmQ9eSnoR7sPMIdCjo36FCWtF9eTgFN9B7sUOejn9cqtH6i3ROAVaWoo6%2FT2LETUkojCZy5Jdo33rXlYZelRxBe6MyDBn7j8YQGhWHmuVW3hmI%2BLdXIx2Brfq7arse4XceHeQhAYUtDIRGyOnxje6aexw4wz%2B8EEZ23t6%2BKEOjAXkJ0LdEufvwWgda7RraepM1b1vRj8O76MnhMpqxsdfbhlUpn6EWd8WXWeMbe78al5kzN%2FXkkBMwZ4ZV66CFTasc0x4Xwf%2F1cFkSAwC4vElpGdE7WMuKCN2F%2B6yDsEIaahxA7MSTYVfNaDAfq0fwMXYedQ0B43mbMa69TWn%2BEA1g%3D%3D&p={searchTerms} Edge 
HomeButtonPage: HKU\S-1-5-21-203050911-607489312-4017213877-1001 -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m004719¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQpmQ9eSnoR7sPMIdCjo36FCsjqOs7%2BYVDGZVcac83ufZAuUgOubK5tGQXa3PqLjRt9VKBO3MI4WYtbm3%2FD3tlemYGIavtjp%2BJwrumXvcYmUUxXMF0ie%2BwxPBWTPL2YsDzpXqBtFG1tbWAg3XtQjVJQeYK6V%2FAquE7v8cvQNnUbwvVktmJCInJo%2B4vph5jlCWqFbvHHa2Crbr9z9XjqjhxyNq8mFcNRGnC%2Bkyw1RW91a1R7P40I9xtrJ%2Fd38MLE6KnaqSxqRXUc8%2BAhDofSaXgvL8mHXyGWBz%2FsBvVS%2FE8PLMZN3zxTHl3g8y3TH5H%2BCKJgh2l4PSey5a1yoSlOeCx4w%3D%3D CHR HomePage: Default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m004719¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQpmQ9eSnoR7sPMIdCjo36FLEbgNsJ9aK54tqyJR8N15UXjHtz81QFwTeCRhIRcfocikhEuZAY5VJrDAeq3mI5ucDoeTY2SDSe%2Bkx6O0GBbLBbYhbxwHZdJHYNt3N2ChGi41SlzH%2B%2BbC4gXAkKUttL5eBYHDtfi2eD6zG6DqnazIyOG2LOhnsksxGTrmFbaW3mxC9CRKT1M%2FSUUGbMZukdfUjrE5PaoCZiqbPE1%2FvqOsQhPNnUdrgr3cWJRnqcn6pEYGEv19b%2FLYdObHwNDvKlE6QSEIvOddpW9w04UmpZEZwIgxSNjSXlKwgzTJ69vyG4D%2FiprXrtQ9JR5dfz763XTvpmNlPymxduWj6N%2BzMjVP4%3D CHR StartupUrls: Default -> "hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m004719¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQpmQ9eSnoR7sPMIdCjo36FBrXBu0mCGUZixdGSVwbw8Cx6lG8kgtzypIfetaEpadxTBZLTCvsFc2Db8ddjGK%2BNXL7xSePy22lii%2FNxRlBTsl0m%2BXviEYYxtoEv8XajiSdnYg2jfLuDy4oqIscdK2bKjtA9lcSkBiGd%2BPmWD1eEg7HWDJTxCqXocJ3tjTLUq6oUao3J3bxU3eM8Ku89IScLMQrdDkK8FpZ%2BdclQwUu07MZTNfsNE31QgolJX3Im3%2Foj0dFGA0hfPxrcnZEPWBtnsUQ0DahREA7LWBIc5Oo9lMlIYJ%2F10zHa78HuoyUoSSKVDm%2Fuxupc%2Byoeoivhb4llYLXt6FeGNwWslov0Qk2NlQ%3D" CHR Notifications: Default -> hxxps://bestcb.info; hxxps://coub.com; hxxps://de.depositphotos.com; hxxps://fr.dreamstime.com; hxxps://www.girlscv.com; hxxps://www.mysexybabes.com; hxxps://www.pinterest.fr; hxxps://www.pixiz.com; 
hxxps://www.pornrewind.com; hxxps://www.youtube.com
CHR HKLM\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
CHR HKLM\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
CHR HKU\S-1-5-21-203050911-607489312-4017213877-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
CHR HKU\S-1-5-21-203050911-607489312-4017213877-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
CHR HKLM-x32\...\Chrome\Extension: [bhoagceacaklimpcejjofabngcjkebfg]
CHR HKLM-x32\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael]
R2 SegurazoIC; C:\Program Files (x86)\Segurazo\SegurazoIC.exe [4561616 2019-11-07] (Digital Communications Inc -> Digital Communications Inc)
R2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [185040 2019-11-07] (Digital Communications Inc -> Digital Communications Inc)
R1 SEGURAZOKD; C:\Program Files (x86)\Segurazo\SegurazoKD.sys [84472 2019-11-07] (Digital Communications Inc. -> Digital Communications Inc)
2019-11-18 13:19 - 2019-12-01 19:17 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-18 13:19 - 2019-11-19 15:47 - 000000000 ____D C:\Users\ssbbd\AppData\Local\chromium
2019-11-18 13:18 - 2019-12-02 13:51 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-11-18 13:18 - 2019-11-18 13:18 - 000000000 ____D C:\Users\ssbbd\AppData\Roaming\segurazoclient
2019-11-18 13:18 - 2019-11-18 13:18 - 000000000 ____D C:\ProgramData\Segurazo
2019-11-18 13:18 - 2019-11-18 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
2019-11-18 13:12 - 2019-11-19 15:47 - 000000000 ____D C:\Program Files (x86)\Chromium
2019-11-18 13:11 - 2019-11-18 13:20 - 000000000 ____D C:\Users\ssbbd\AppData\Local\{A3EA95B6-8742-F90E-EADA-DCE6CEB2207E}
2019-11-18 13:09 - 2019-11-18 13:20 - 000000000 ____D C:\ProgramData\mgdga
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
EmptyTemp:
End::