start:: CreateRestorePoint: CloseProcesses:...

Posté le 5 mai 2020
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {089B7067-F084-414B-B0AF-D606F3BDA315} - System32\Tasks\{9CC326CF-E219-4FDE-A2DC-19DC1E112A05} => C:\Windows\system32\pcalua.exe -a C:\Users\Gustavo\Downloads\RegCleaner.exe -d C:\Users\Gustavo\Downloads
Task: {B8F34BC4-BAAD-4014-B2A1-D3649E1EB535} - System32\Tasks\{49FDA421-4C9E-4AA7-838E-08AE328BBA24} => C:\Windows\system32\pcalua.exe -a C:\Users\Gustavo\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=slbnew
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.0.254,-1]
HKU\S-1-5-21-4169239431-1271063650-1402437298-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4169239431-1271063650-1402437298-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=
HKU\S-1-5-21-4169239431-1271063650-1402437298-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4169239431-1271063650-1402437298-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4169239431-1271063650-1402437298-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
FF Extension: (Pas de nom) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1429612874&from=ima&uid=ST9640423AS_5WS1CMMXXXXX5WS1CMMX
CHR DefaultSearchURL: Default -> hxxp://www.mystartsearch.com/web/?type=ds&ts=1429612874&from=ima&uid=ST9640423AS_5WS1CMMXXXXX5WS1CMMX&q=
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKU\S-1-5-21-4169239431-1271063650-1402437298-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKU\S-1-5-21-4169239431-1271063650-1402437298-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
S2 HPSLPSVC; C:\Users\Gustavo\AppData\Local\Temp\7zS5BB4\hpslpsvc64.dll [X] <==== ATTENTION
S2 TomTomHOMEService; "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" [X]
S3 WsDrvInst; "C:\Program Files (x86)\Keepvid\KeepVid Music\DriverInstall.exe" [X]
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22]
2020-05-02 17:02 - 2020-05-02 17:02 - 000000000 ____D C:\Program Files (x86)\EPSON
CustomCLSID: HKU\S-1-5-21-4169239431-1271063650-1402437298-1001_Classes\CLSID\{312BFDCE-A901-4203-B4F2-ADCB957D1887}\InprocServer32 -> C:\ProgramData\Windows\msseedir.dll => Pas de fichier
ContextMenuHandlers1: [DefragglerShellExtension] -> [CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => -> Pas de fichier
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers6: [DefragglerShellExtension] -> [CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => -> Pas de fichier
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
AlternateDataStreams: C:\ProgramData\Temp:054B9966 [140]
AlternateDataStreams: C:\ProgramData\Temp:8CE646EE [112]
EmptyTemp:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: sfc /scannow
end::