start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
HKU\S-1-5-21-3644170085-3095622083-1297288111-1002\...\Run: [EasySupport Control Panel] => C:\EasySupport\EasySupport.exe
HKU\S-1-5-21-3644170085-3095622083-1297288111-1002\...\RunOnce: [DeleteMarkAny] => C:\Windows\SysWOW64\MASetupCleaner.exe C:\Program Files (x86)\MarkAny\ContentSafer
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
URLSearchHook: [S-1-5-21-3644170085-3095622083-1297288111-1001] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3644170085-3095622083-1297288111-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3644170085-3095622083-1297288111-1002 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=dntHTdmbwL5AModvcU32P12chRs?q=
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
HKLM\SYSTEM\CurrentControlSet\Services\aswSP <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Services\aswMonFlt <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Services\aswSnx <==== ATTENTION
2018-07-09 13:05 - 2018-07-09 13:05 - 000000000 ____D C:\Program Files (x86)\F-Secure
2018-07-09 13:04 - 2018-07-11 11:57 - 000000000 ____D C:\ProgramData\F-Secure
2018-07-09 13:04 - 2018-07-09 13:24 - 000000000 ____D C:\Users\jeanpaul\AppData\Local\F-Secure
2018-07-09 13:02 - 2018-07-11 12:00 - 000000000 ____D C:\Users\jeanpaul\AppData\LocalLow\Adblock Plus for IE
2018-07-09 12:22 - 2018-07-11 11:48 - 000000000 ____D C:\Users\jeanpaul\AppData\Roaming\TeamViewer
2018-07-09 12:22 - 2018-07-11 11:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-07-09 12:21 - 2018-07-09 13:02 - 000000481 ____C C:\EasySupport.txt
2018-07-09 12:20 - 2018-07-09 12:20 - 000000000 ____D C:\Users\Public\Documents\AvBit
2018-07-09 12:20 - 2018-07-09 12:20 - 000000000 ____D C:\Users\jeanpaul\AppData\Local\EasySupport
2018-07-09 12:10 - 2018-07-09 12:16 - 000000000 ____D C:\Users\jeanpaul\Documents\PC ProCleaner
2018-07-09 12:05 - 2018-07-09 12:09 - 029622626 _____ C:\Users\jeanpaul\Downloads\E.S. Clean 5.6.4.exe
2018-07-09 12:05 - 2018-07-09 12:08 - 032556520 _____ (EasySupport) C:\Users\jeanpaul\Downloads\Install EasySupport.exe
2018-07-09 12:05 - 2018-07-09 12:05 - 003988728 _____ (Avbit Inc. ) C:\Users\jeanpaul\Downloads\PcProCleaner.exe
2018-07-09 12:05 - 2018-07-09 12:05 - 000919008 _____ (F-Secure Corporation) C:\Users\jeanpaul\Downloads\F-SecureNetworkInstaller.exe
2018-07-09 11:27 - 2018-07-09 11:27 - 000000715 _____ C:\Program Files (x86)\LMIR0002.tmp.bat
2018-07-09 11:27 - 2018-07-09 11:27 - 000000520 _____ C:\Program Files (x86)\LMIR0002.tmp_r.bat
2018-07-09 11:02 - 2018-07-09 12:01 - 000000000 ____D C:\Users\jeanpaul\AppData\Roaming\Tecnokrats
2018-07-09 11:00 - 2018-07-11 11:29 - 000000000 ____D C:\Program Files (x86)\LogMeIn Rescue Applet
2018-07-09 12:46 - 2015-03-21 11:50 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-11 11:34 - 2018-02-20 12:41 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswd8fad45a8beb4ee2.tmp
2018-06-11 11:34 - 2018-02-20 12:41 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\asweaf25b8c3502a6a9.tmp
2018-06-11 11:34 - 2015-03-21 12:00 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe48cae9ee6732c33.tmp
2018-06-11 11:34 - 2015-03-21 12:00 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5dcfab1f713f41d1.tmp
2018-06-11 11:34 - 2015-03-21 12:00 - 000381552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf8129837ffde6ea9.tmp
2018-06-11 11:34 - 2015-03-21 12:00 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\asw17f52e0224bbefe4.tmp
2018-06-11 11:34 - 2015-03-21 12:00 - 000159120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswfe37bb0828cc8b58.tmp
2018-06-11 11:34 - 2015-03-21 12:00 - 000111360 _____ (AVAST Software) C:\Windows\system32\Drivers\asw358973e7bbc3f037.tmp
2018-06-11 11:34 - 2015-03-21 12:00 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9b08bec4175c182c.tmp
2018-06-11 11:34 - 2015-03-21 12:00 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswc43c553f84edbb16.tmp
2018-07-09 11:27 - 2018-07-09 11:27 - 000000715 _____ () C:\Program Files (x86)\LMIR0002.tmp.bat
2018-07-09 11:27 - 2018-07-09 11:27 - 000000520 _____ () C:\Program Files (x86)\LMIR0002.tmp_r.bat
HKU\S-1-5-21-3644170085-3095622083-1297288111-1002\...\ChromeHTML: -> <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
Task: {08CBE31D-2416-450C-B0C7-20A4CBF08994} - \AvastUpdateTaskMachineCore -> Pas de fichier
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Pas de fichier
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Pas de fichier
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Pas de fichier
Task: {342FCC58-A535-4192-989B-C9A9F2FA944B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3E0EAFA7-580A-47FA-BFE6-5E80743026E9} - \AvastUpdateTaskMachineUA -> Pas de fichier
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Pas de fichier
Task: {8FC44785-5388-40C4-82E9-E232FBFDB285} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {908D83D7-FF2D-4530-BA27-07063AA13C5A} - System32\Tasks\{21FEEF7A-B146-49F1-BE2B-9B8A7154B16C} => C:\Windows\system32\pcalua.exe -a C:\Users\jeanpaul\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=cor
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Pas de fichier
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Pas de fichier
Task: {E6931556-7388-4D45-9D79-D763A63925E4} - \avastBCLRestart_chrome.exe -> Pas de fichier
AlternateDataStreams: C:\Windows\system32\Drivers\gfkempqq.sys:changelist [522]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
cmd: ipconfig /flushdns
end::