Edited on 27 September 2021

start::
closeprocesses:
createrestorepoint:
HKU\S-1-5-21-3845530942-3854452456-405404209-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ch.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_tfekjnksl_20_25_ssg75&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dch%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0C0E0BtD0D0AyByBtAtB0A0D0CtB0ByEtN0D0Tzu0StAtDzytDtN1L2XzuyDtFtCtFtDtFtCtCyDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyBtB0ByByDyCtDzztGtA0AtBtBtGyByByE0DtGtDyB0AtAtGzy0AtB0BtB0FtD0CyBtD0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA1T1Qzz1O1QyBtGtCtAtCyCtGyEtCtDtDtGzyyBtCtBtG1R1T1OzzyC1StByBtB1P1SyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzytByEtDtDyBtCtC%26cr%3D198195260%26a%3Dwsg_tfekjnksl_20_25_ssg75%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-3845530942-3854452456-405404209-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> {A921D80F-19FD-4A8E-9CD4-C138F0ABEF88} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {A921D80F-19FD-4A8E-9CD4-C138F0ABEF88} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3845530942-3854452456-405404209-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://ch.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_tfekjnksl_20_25_ssg75&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dch%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0C0E0BtD0D0AyByBtAtB0A0D0CtB0ByEtN0D0Tzu0StAtDzytDtN1L2XzuyDtFtCtFtDtFtCtCyDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyBtB0ByByDyCtDzztGtA0AtBtBtGyByByE0DtGtDyB0AtAtGzy0AtB0BtB0FtD0CyBtD0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA1T1Qzz1O1QyBtGtCtAtCyCtGyEtCtDtDtGzyyBtCtBtG1R1T1OzzyC1StByBtB1P1SyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzytByEtDtDyBtCtC%26cr%3D198195260%26a%3Dwsg_tfekjnksl_20_25_ssg75%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3845530942-3854452456-405404209-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://ch.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_tfekjnksl_20_25_ssg75&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dch%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0C0E0BtD0D0AyByBtAtB0A0D0CtB0ByEtN0D0Tzu0StAtDzytDtN1L2XzuyDtFtCtFtDtFtCtCyDtN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyBtB0ByByDyCtDzztGtA0AtBtBtGyByByE0DtGtDyB0AtAtGzy0AtB0BtB0FtD0CyBtD0Dzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytA1T1Qzz1O1QyBtGtCtAtCyCtGyEtCtDtDtGzyyBtCtBtG1R1T1OzzyC1StByBtB1P1SyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzytByEtDtDyBtCtC%26cr%3D198195260%26a%3Dwsg_tfekjnksl_20_25_ssg75%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3845530942-3854452456-405404209-1001 -> {A921D80F-19FD-4A8E-9CD4-C138F0ABEF88} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE trusted site: HKU\S-1-5-21-3845530942-3854452456-405404209-1001\...\sharepoint.com -> hxxps://mwfxu-files.sharepoint.com
FirewallRules: [{728FFC28-C992-41EA-833A-A772F65AA36F}] => (Allow) C:\Users\Fanny\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [Fichier non signé]
C:\Users\Fanny\AppData\Local\Chromium
FirewallRules: [{56F7D3FA-BC33-4F87-9247-AED7A334A51D}] => (Allow) C:\Users\Fanny\AppData\Local\Temp\7zS2F45\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{603F847B-9022-4A94-81C7-FFF08136EB14}] => (Allow) C:\Users\Fanny\AppData\Local\Temp\7zS2F45\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{A96C92FA-CE11-4590-A5DB-487FD530EC31}] => (Allow) C:\Users\Fanny\AppData\Local\Temp\7zS505E\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{F309924F-60A7-4D99-8E2A-DC1D0F8E1C45}] => (Allow) C:\Users\Fanny\AppData\Local\Temp\7zS505E\HPDiagnosticCoreUI.exe => Pas de fichier
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3845530942-3854452456-405404209-1001\...\Run: [easyxplore Update] => C:\Users\Fanny\AppData\Local\easyxplore\Update\1.3.99.0\easyxploreUpdateCore.exe [592384 2020-06-17] (easyxplore.) [Fichier non signé] <==== ATTENTION
C:\Users\Fanny\AppData\Local\easyxplore
HKU\S-1-5-21-3845530942-3854452456-405404209-1001\...\Run: [Chromium] => "c:\users\fanny\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-3845530942-3854452456-405404209-1001\...\Run: [electron.app.EasyXplore] => C:\Users\Fanny\AppData\Local\Programs\easyxplore\EasyXplore.exe [79950336 2020-06-01] (Tresdox Corporation) [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-3845530942-3854452456-405404209-1001\...\RunOnce: [Application Restart #2] => C:\Users\Fanny\AppData\Local\chromium\Application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session --flag-switches-begin --flag-switches-end --origin-trial-disab (l'élément de données a 109 caractères en plus).
HKU\S-1-5-21-3845530942-3854452456-405404209-1001\...\RunOnce: [Application Restart #1] => C:\Users\Fanny\AppData\Local\chromium\Application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session --flag-switches-begin --flag-switches-end --origin-trial-disab (l'élément de données a 109 caractères en plus).
HKU\S-1-5-21-3845530942-3854452456-405404209-1001\...\RunOnce: [Application Restart #0] => C:\Users\Fanny\AppData\Local\chromium\Application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session --flag-switches-begin --flag-switches-end --origin-trial-disab (l'élément de données a 109 caractères en plus).
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {32F0F866-ED38-46C6-A502-CB14A827C676} - System32\Tasks\easyxploreUpdateTaskUserS-1-5-21-3845530942-3854452456-405404209-1001UA => C:\Users\Fanny\AppData\Local\easyxplore\Update\easyxploreUpdate.exe [102400 2020-06-17] (easyxplore.) [Fichier non signé] <==== ATTENTION
Task: {9BB86F82-0E67-41EE-9EF1-25870A5B5AA1} - System32\Tasks\easyxplore_chk => C:\Users\Fanny\AppData\Local\Programs\easyxplore\EasyXplore.exe [79950336 2020-06-01] (Tresdox Corporation) [Fichier non signé] <==== ATTENTION
Task: {A4C123CB-D6FA-4AD3-89DD-06C9C04E9FF8} - System32\Tasks\easyxplore_run => C:\Users\Fanny\AppData\Local\Programs\easyxplore\EasyXplore.exe [79950336 2020-06-01] (Tresdox Corporation) [Fichier non signé] <==== ATTENTION
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [2020-06-17] (Chromium.) [Fichier non signé]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [2020-06-17] (Chromium.) [Fichier non signé]
FF Plugin HKU\S-1-5-21-3845530942-3854452456-405404209-1001: @easyxplor.com.com/easyxplore Update;version=3 -> C:\Users\Fanny\AppData\Local\easyxplore\Update\1.3.99.0\npeasyxploreUpdate3.dll [2020-06-17] (easyxplore.) [Fichier non signé]
FF Plugin HKU\S-1-5-21-3845530942-3854452456-405404209-1001: @easyxplor.com.com/easyxplore Update;version=9 -> C:\Users\Fanny\AppData\Local\easyxplore\Update\1.3.99.0\npeasyxploreUpdate3.dll [2020-06-17] (easyxplore.) [Fichier non signé]
CHR HKLM\...\Chrome\Extension: [bnbbhgcfmdnamgfgjfgjdkcjbofkjihb]
CHR HKLM\...\Chrome\Extension: [mcegpkkjabjeiddmpmgbmjlmiebfiofd]
CHR HKU\S-1-5-21-3845530942-3854452456-405404209-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bnbbhgcfmdnamgfgjfgjdkcjbofkjihb]
CHR HKU\S-1-5-21-3845530942-3854452456-405404209-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mcegpkkjabjeiddmpmgbmjlmiebfiofd]
CHR HKLM-x32\...\Chrome\Extension: [bnbbhgcfmdnamgfgjfgjdkcjbofkjihb]
CHR HKLM-x32\...\Chrome\Extension: [mcegpkkjabjeiddmpmgbmjlmiebfiofd]
R2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe [7054584 2020-06-17] (Digital Communications Inc -> Digital Com. Inc) <==== ATTENTION
S2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [302328 2021-09-27] (Digital Communications Inc -> Digital Com. Inc) <==== ATTENTION
C:\Program Files (x86)\Digital Communications\SAntivirus
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]
R1 SANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusKD.sys [90096 2020-06-17] (Digital Communications Inc. -> Digital Comm. Inc) <==== ATTENTION
2021-09-22 17:46 - 2021-09-22 17:46 - 000000000 ____D C:\Users\Fanny\AppData\Roaming\santivirusclient
emptytemp:
end::
