start:: CreateRestorePoint: CloseProcesses:...

Posté le 7 décembre 2019
Télécharger | Reposter | Largeur fixe

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
C:\Program Files\Common Files\McAfee
C:\Windows\System32\mfevtps.exe
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-11-24]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
C:\Program Files\AVAST Software
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {03B036FB-0B38-4A6B-AC93-0B6437898CB2} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1390472 2019-10-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {0CE35295-76C9-4404-B343-C9A80018D8B8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
C:\Program Files\Common Files\AV
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
SearchScopes: HKU\S-1-5-21-234439801-2927989602-1863577032-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-234439801-2927989602-1863577032-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKU\S-1-5-21-234439801-2927989602-1863577032-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>
C:\Users\alexandra.DESKTOP-08RN9E0\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-02] (McAfee, Inc. -> McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-06-04] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-02] (McAfee, Inc. -> McAfee, Inc.)
S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [77544 2015-05-29] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [412152 2015-06-02] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347544 2015-05-29] (McAfee, Inc. -> McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80792 2015-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [496888 2015-05-29] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875416 2015-05-29] (McAfee, Inc. -> McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [492000 2015-05-27] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109480 2015-05-27] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-05-29] (McAfee, Inc. -> McAfee, Inc.)
2019-12-05 19:23 - 2019-12-05 19:23 - 000000000 ____D C:\avast! sandbox
2019-12-07 12:22 - 2015-12-29 20:45 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-12-05 21:02 - 2015-08-11 15:16 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-05 21:02 - 2015-08-11 15:16 - 000000000 ____D C:\Program Files\AVAST Software
2019-12-05 20:58 - 2015-12-29 22:47 - 000000000 ____D C:\Users\alexandra.DESKTOP-08RN9E0\AppData\Roaming\AVAST Software
2019-12-05 20:50 - 2015-12-29 23:11 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-12-05 20:49 - 2019-10-13 19:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2019-07-17 14:44 - 2019-07-17 14:44 - 000004608 _____ () C:\Users\alexandra.DESKTOP-08RN9E0\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-19 15:03 - 2016-04-14 20:04 - 000000600 _____ () C:\Users\alexandra.DESKTOP-08RN9E0\AppData\Local\PUTTY.RND
2017-06-04 21:44 - 2017-06-04 21:44 - 000000000 _____ () C:\Users\alexandra.DESKTOP-08RN9E0\AppData\Local\{07D88146-3EF6-4CB5-B9EE-65960AEEB711}
2017-06-19 21:09 - 2017-06-19 21:09 - 000000000 _____ () C:\Users\alexandra.DESKTOP-08RN9E0\AppData\Local\{C8D68498-BD98-40B1-9EBA-748A9CB0970C}
EmptyTemp:
cmd: ipconfig /flushdns
end::