start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKU\S-1-5-21-1070776268-287036329-3458378410-1001\...\MountPoints2: {81bf87e7-0332-11e8-83c6-d897ba81647c} - "J:\AUTORUN.EXE"
HKU\S-1-5-21-1070776268-287036329-3458378410-1001\...\MountPoints2: {b30fbba4-8e9a-11e5-825b-d897ba81647c} - "H:\LaunchU3.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForCARMIN.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\McAfee Cleanup.job => C:\Users\CARMIN\AppData\Local\Temp\MCPR.tmp\mccleanup.exeĊ-p mpfpcu,mpfp,mps,shred,mpscu,mskcu,msk,emproxy,mas,fwdriver,hw,mbk,mcproxy,mhn,mqccu,mqc,shrd,nmc,redir,mna,mwl,msad,vs,msc,mcpr -log C:\Users\CARMIN\AppData\Local\Temp -w C:\Users\CARMIN\AppData\Local\Temp\MCPR.tmp <==== ATTENTION
HKU\S-1-5-21-1070776268-287036329-3458378410-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {20591AD3-1E61-46E9-B40A-21BDF0A6A194} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1070776268-287036329-3458378410-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
BHO: Pas de nom -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Pas de fichier
BHO-x32: Pas de nom -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Pas de fichier
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-10-22] (Oracle America, Inc. -> Oracle Corporation)
FF Extension: (Avast Online Security) - C:\Users\CARMIN\AppData\Roaming\Mozilla\Firefox\Profiles\3q7jxive.default-1554878590060\Extensions\wrc@avast.com.xpi [2020-01-23]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]
2020-01-26 08:56 - 2015-11-18 17:27 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-26 08:42 - 2018-06-22 06:52 - 000000000 ____D C:\Users\CARMIN\AppData\Local\AVAST Software
2020-01-26 08:17 - 2018-06-14 13:16 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForCARMIN.job
2019-06-11 07:46 - 2019-06-11 07:46 - 000003584 _____ () C:\Users\CARMIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-23 10:12 - 2016-11-23 10:12 - 000000000 _____ () C:\Users\CARMIN\AppData\Local\{3F1E242A-AA34-4F90-893D-357B895F6CB1}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Pas de fichier
EmptyTemp:
cmd: ipconfig /flushdns
end::