start:: CreateRestorePoint: CloseProcesses:...

Posté le 28 septembre 2020
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
Task: {184136F6-030D-472A-ADED-4B56D0CC6B19} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe
Task: {83AEEB60-B7BB-423E-AACA-459565F172F7} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe
Task: {B79505E1-F2E8-424F-847D-A3CAD726C415} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe
Task: {BDA70942-7F97-43B0-9F63-33180922A3D5} - System32\Tasks\ChromiumUpdateTaskMachineUA => C:\Program Files (x86)\Chromium\Update\ChromiumUpdate.exe [102400 2019-09-05]
Task: {DA8E7286-B98B-4CE5-BA2E-F1BF23E4CE41} - System32\Tasks\ChromiumUpdateTaskMachineCore => C:\Program Files (x86)\Chromium\Update\ChromiumUpdate.exe [102400 2019-09-05]
Edge Extension: (Norton Safe Web) -> EdgeExtension_SymantecCorporationNortonSafeWeb_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.11.6.0_neutral__v68kp9n051hdp [2020-07-24]
Edge DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/yhs/search?hspart=ner&hsimp=yhs-001&type=
Edge DefaultSearchKeyword: Default -> search by Yahoo
FF Homepage: Mozilla\Firefox\Profiles\swsopny5.default-release -> hxxps://fr.search.yahoo.com/yhs/web?hspart=
FF Extension: (Norton Password Manager) - C:\Users\Actif\AppData\Roaming\Mozilla\Firefox\Profiles\swsopny5.default-release\Extensions\idsafe@norton.com.xpi [2019-12-15]
FF Extension: (Norton Safe Web) - C:\Users\Actif\AppData\Roaming\Mozilla\Firefox\Profiles\swsopny5.default-release\Extensions\nortonsafeweb@symantec.com.xpi [2019-12-15]
CHR HKLM-x32\...\Chrome\Extension: [bhdinjalofclbacjijgifpahcnjapclb]
CHR HKLM-x32\...\Chrome\Extension: [pfnciekpafndamlomnebbfophenfehbc]
S2 chromium; C:\Program Files (x86)\Chromium\Update\ChromiumUpdate.exe [102400 2019-09-05] (Chromium.) [Fichier non signé] <==== ATTENTION
S3 chromiumm; C:\Program Files (x86)\Chromium\Update\ChromiumUpdate.exe [102400 2019-09-05] (Chromium.) [Fichier non signé] <==== ATTENTION
S1 SMR523; \SystemRoot\System32\drivers\SMR523.SYS [X]
2020-09-05 20:08 - 2020-09-05 20:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2020-09-22 23:39 - 2019-09-07 13:04 - 000000000 ____D C:\ProgramData\Norton
2020-09-22 23:03 - 2019-09-07 13:06 - 000000000 ____D C:\ProgramData\NortonInstaller
2020-09-05 15:56 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-09-05 15:56 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-08-29 18:32 - 2019-09-07 13:32 - 000000000 ____D C:\Program Files\Common Files\AV
CustomCLSID: HKU\S-1-5-21-2329423879-699262184-2287041894-1001_Classes\CLSID\{F7B8E2CA-97DF-4974-BDF1-3D93EDC93A5E}\InprocServer32 -> C:\Users\Actif\AppData\Local\WallpaperHd\WallpaperHdLib64.dll => Pas de fichier
HKU\S-1-5-21-2329423879-699262184-2287041894-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.qwant.com/
SearchScopes: HKLM -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=shnl&hsimp=
SearchScopes: HKLM-x32 -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-2329423879-699262184-2287041894-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-2329423879-699262184-2287041894-1001 -> {991D506D-8987-4E14-99FA-9DA83F21780D} URL = hxxps://www.qwant.com/?q=
SearchScopes: HKU\S-1-5-21-2329423879-699262184-2287041894-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q=
Toolbar: HKU\S-1-5-21-2329423879-699262184-2287041894-1001 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
HKU\S-1-5-21-2329423879-699262184-2287041894-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_89187E296B09B910951B1011AD571E45"
FirewallRules: [{42D1C03C-22E6-49E8-9943-F2B8823492C5}] => (Allow) C:\Users\Actif\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{A8A22DA7-FCBD-44CF-AFD5-6F70D5B3CBD0}] => (Allow) C:\Users\Actif\AppData\Roaming\Zoom\bin\Zoom.exe => Pas de fichier
FirewallRules: [{51B5D182-1210-4B83-8A07-3CE8705A0A5F}] => (Allow) C:\Users\Actif\AppData\Local\Chromium\Application\chrome.exe => Pas de fichier
EmptyTemp:
end::