Posted on 26 January 2020

start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-25] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1564BC9A-F6B5-4725-A6CD-B50F86313838} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
C:\Program Files\Common Files\AVAST Software
Task: {9A189C17-712B-4CE1-B26C-5DDE6B891C80} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2ff12416-d4f0-4b58-a9b5-e1ef6d166b6d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47847e1a-4e4e-461f-b97f-f1d668bc3a70}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{9b88abd3-a0d3-447a-bc8b-1a178f3420aa}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{b6f41345-6560-4ddd-9908-51da302cb3a8}: [DhcpNameServer] 192.168.1.1
[UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=%APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%&currentAppVersion=%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%]
FF Extension: (COBA) - C:\Users\Benjamin\AppData\Roaming\Mozilla\Firefox\Profiles\zwrcksnu.default-release\Extensions\coba@mozilla.com.cn.xpi [2019-07-20] [UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json]
FF Extension: (Addons Manager) - C:\Users\Benjamin\AppData\Roaming\Mozilla\Firefox\Profiles\zwrcksnu.default-release\Extensions\cpmanager@mozillaonline.com.xpi [2019-09-08] [UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=%APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%&currentAppVersion=%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%]
FF Extension: (Easy Screenshot) - C:\Users\Benjamin\AppData\Roaming\Mozilla\Firefox\Profiles\zwrcksnu.default-release\Extensions\easyscreenshot@mozillaonline.com.xpi [2019-07-20]
FF Extension: (Tab Tweak) - C:\Users\Benjamin\AppData\Roaming\Mozilla\Firefox\Profiles\zwrcksnu.default-release\Extensions\tabtweak@mozillaonline.com.xpi [2019-07-20] [UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=%APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%&currentAppVersion=%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%]
FF Extension: (WeChat Helper by MoCoCN) - C:\Users\Benjamin\AppData\Roaming\Mozilla\Firefox\Profiles\zwrcksnu.default-release\Extensions\wx-assistant@mozillaonline.com.xpi [2019-07-20] [UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json]
FF Extension: (Firefox Homepage) - C:\Program Files\Mozilla Firefox\distribution\extensions\cehomepage@mozillaonline.com.xpi [2019-07-17] [UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=%APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%&currentAppVersion=%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%]
FF Extension: (COBA) - C:\Program Files\Mozilla Firefox\distribution\extensions\coba@mozilla.com.cn.xpi [2019-07-17] [UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json]
FF Extension: (Addons Manager) - C:\Program Files\Mozilla Firefox\distribution\extensions\cpmanager@mozillaonline.com.xpi [2019-07-17] [UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=%APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%&currentAppVersion=%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%]
FF Extension: (Easy Screenshot) - C:\Program Files\Mozilla Firefox\distribution\extensions\easyscreenshot@mozillaonline.com.xpi [2019-07-17]
FF Extension: (Tab Tweak) - C:\Program Files\Mozilla Firefox\distribution\extensions\tabtweak@mozillaonline.com.xpi [2019-07-17] [UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=%APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%&currentAppVersion=%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%]
FF Extension: (WeChat Helper by MoCoCN) - C:\Program Files\Mozilla Firefox\distribution\extensions\wx-assistant@mozillaonline.com.xpi [2019-07-17] [UpdateUrl:hxxps://addons.firefox.com.cn/chinaedition/addons/updates.json]
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
U3 aswbdisk; pas de ImagePath
S3 GENERICDRV; \??\C:\Users\Benjamin\AppData\Local\Temp\amifldrv64.sys [X] <==== ATTENTION
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
2020-01-25 18:27 - 2020-01-25 18:27 - 010823512 _____ (AVAST Software) C:\Users\Benjamin\Downloads\avastclear.exe
2020-01-25 18:27 - 2020-01-25 18:27 - 010823512 _____ (AVAST Software) C:\Users\Benjamin\Downloads\avastclear (1).exe
2020-01-25 17:20 - 2020-01-25 17:20 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-01-19 16:35 - 2020-01-19 16:35 - 000000000 ____D C:\ProgramData\SUPERSetup
2020-01-19 16:34 - 2020-01-19 16:34 - 043996504 _____ (SUPERAntiSpyware) C:\Users\Benjamin\Downloads\SUPERAntiSpyware.exe
2020-01-25 18:30 - 2019-11-15 21:35 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-25 18:27 - 2019-11-15 21:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.16.0_x64__wafk5atnkzcwy
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
Shortcut: C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-MS to MP4\Website.lnk -> hxxp://www.dvr-ms.com
ShortcutWithArgument: C:\Users\Benjamin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
FirewallRules: [UDP Query User{5DD5AFA3-7879-4A29-ACEA-2E3DE03A9CC3}C:\program files (x86)\lg software\lg smart share\dms\smartsharedms.exe] => (Block) C:\program files (x86)\lg software\lg smart share\dms\smartsharedms.exe Pas de fichier
FirewallRules: [TCP Query User{D8B25FBC-F62D-48F8-A585-E7B5EC1B9763}C:\program files (x86)\lg software\lg smart share\dms\smartsharedms.exe] => (Block) C:\program files (x86)\lg software\lg smart share\dms\smartsharedms.exe Pas de fichier
FirewallRules: [UDP Query User{5B0C6294-490F-4B0A-BE03-D751CC2BEF0F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe Pas de fichier
FirewallRules: [TCP Query User{D1554A38-5633-44A3-B6B8-0867406BE922}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe Pas de fichier
EmptyTemp:
cmd: ipconfig /flushdns
end::




