start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKU\S-1-5-21-583278759-4094043391-2574475479-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4615616 2019-11-13] (Microsoft Windows -> Microsoft Corporation)
BootExecute: autocheck autochk /p \??\L:autocheck autochk /p \??\F:autocheck autochk /p \??\D:autocheck autochk /k:C *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3B335BD7-4915-4F53-B2C6-82570B21E7BD} - System32\Tasks\Software Updater SkipUAC(Anti-Bking CX30 JJAD) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4178192 2019-10-29]
Task: {7C5C1879-EEE9-4073-8277-FB5F4D29A980} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1788176 2019-10-08]
Task: {7F1CB1B8-8AEA-449E-995D-53535DBEC775} - System32\Tasks\Driver Tonic_Logon => C:\Program Files\Driver Tonic\dtn.exe [3917896 2019-06-18]
Task: {B9CDD039-3294-49AB-A511-28C54F749101} - System32\Tasks\AdwCleaner_onReboot => C:\Users\dedie\Downloads\adwcleaner_8.0.0.exe
Task: {F686E005-7572-4016-AED6-293D53F91D02} - System32\Tasks\Software Updater SkipUAC(dedie) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4178192 2019-10-29]
Winsock: Catalog5 08 C:\WINDOWS\SysWOW64\wlidnsp.dll [41472 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5 09 C:\WINDOWS\SysWOW64\wlidnsp.dll [41472 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [66048 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [66048 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-583278759-4094043391-2574475479-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-583278759-4094043391-2574475479-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-583278759-4094043391-2574475479-1001 -> {7B5E17A5-1DFB-4269-9519-177F01849132} URL =
FF Extension: (Search Manager) - C:\Users\dedie\AppData\Roaming\Mozilla\Firefox\Profiles\wife971k.default-nightly\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi [2019-12-02]
CHR HKLM\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
CHR HKU\S-1-5-21-583278759-4094043391-2574475479-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
CHR HKLM-x32\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
unlock: C:\Program Files (x86)\Segurazo\SegurazoService.exe
C:\Program Files (x86)\Segurazo\SegurazoService.exe
unlock: C:\ProgramData\Segurazo\SegurazoIC.exe
C:\ProgramData\Segurazo\SegurazoIC.exe
R2 SegurazoIC; C:\ProgramData\Segurazo\SegurazoIC.exe [544360 2019-10-21]
S2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [187496 2019-10-21]
S3 3126115D; C:\WINDOWS\system32\drivers\3126115D.sys
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [40584 2015-08-27] (Threattrack Security, Inc. -> ThreatTrack Security)
S3 gfiutil; C:\WINDOWS\System32\drivers\gfiutil.sys [32400 2016-03-04]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 cpuz139; \??\C:\Users\dedie\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X] <==== ATTENTION
S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys [X]
2019-12-02 11:43 - 2019-12-02 11:47 - 000000000 ____D C:\Users\dedie\AppData\Local\{080C3E50-2CA4-52E8-413C-770065548B98}
2019-12-02 02:45 - 2019-12-02 02:45 - 000000000 ____D C:\Users\dedie_v168dba\AppData\Roaming\AVAST Software
2019-12-02 01:44 - 2019-12-02 01:44 - 000000000 ____D C:\Users\dedie\AppData\Roaming\segurazoclient
2019-12-01 19:04 - 2019-12-02 01:56 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-12-01 19:04 - 2019-12-01 19:04 - 000000000 ____D C:\ProgramData\Segurazo
2019-12-01 19:04 - 2019-12-01 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
2019-12-01 19:03 - 2019-12-01 19:04 - 018453560 _____ (Digital Communications Inc ©) C:\Users\Anti-Bking CX30 JJAD\Downloads\SegurazoSetup.exe
2019-12-01 07:36 - 2019-12-01 07:36 - 000032768 _____ C:\WINDOWS\system32\config\security.iobit
2019-12-01 02:56 - 2019-12-01 03:05 - 000002365 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2019-12-01 02:56 - 2019-12-01 03:05 - 000002365 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2019-12-01 01:31 - 2019-12-04 22:18 - 000000000 ____D C:\Users\dedie\AppData\Local\ESET
2019-12-01 01:31 - 2019-12-01 01:31 - 000001330 _____ C:\Users\dedie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-12-01 01:31 - 2019-12-01 01:31 - 000000784 _____ C:\Users\Anti-Bking CX30 JJAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-12-01 01:31 - 2019-12-01 01:31 - 000000000 ____D C:\Users\Anti-Bking CX30 JJAD\AppData\Local\ESET
2019-12-01 01:30 - 2019-12-01 01:30 - 008173880 _____ (ESET spol. s r.o.) C:\Users\Anti-Bking CX30 JJAD\Downloads\esetonlinescanner_fra.exe
2019-11-30 15:50 - 2019-11-30 15:50 - 000000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2019-11-30 15:50 - 2019-11-30 15:50 - 000000000 ____D C:\ProgramData\{95C5E491-738A-4522-B5A4-15274F7B3847}
2019-11-29 20:58 - 2019-11-29 20:58 - 000000000 ____D C:\Users\Anti-Bking CX30 JJAD\AppData\Roaming\AVAST Software
Boost (HKLM\...\{115FB0FD-1A0A-4C26-82A7-A6689A799BB9}) (Version: 1.0.2 - Reason Software Company Inc.) Hidden <==== ATTENTION
Segurazo Antivirus (HKLM-x32\...\Segurazo) (Version: 1.0.7.0 - Digital Communications Inc) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-583278759-4094043391-2574475479-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {18B34E2F-9468-D082-79DE-C2E985889A47} => Pas de fichier
CustomCLSID: HKU\S-1-5-21-583278759-4094043391-2574475479-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {50837F82-9468-D082-D4EF-F2A185889A47} => Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers1: [Advanced System Protector] -> {00212D92-C5D8-4ff4-AE50-B20F0F85C40A} => -> Pas de fichier
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Pas de fichier
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Pas de fichier
ContextMenuHandlers1: [SegurazoShellExtension.FileContextMenuExt] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\Program Files (x86)\Segurazo\SegurazoShell64_v1070.dll [2019-10-21]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Pas de fichier
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Pas de fichier
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier
ContextMenuHandlers4: [Photo! 3D ScreenSaver] -> {AA7A03E6-7FA5-42E7-9D7A-9A2A4E344B3F} => -> Pas de fichier
ContextMenuHandlers4: [SegurazoShellExtension.FileContextMenuExt] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\Program Files (x86)\Segurazo\SegurazoShell64_v1070.dll [2019-10-21]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Pas de fichier
ContextMenuHandlers6: [SegurazoShellExtension.FileContextMenuExt] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\Program Files (x86)\Segurazo\SegurazoShell64_v1070.dll [2019-10-21]
EmptyTemp:
cmd: ipconfig /flushdns
end::