start::
closeprocesses:
createrestorepoint:
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-878115687-1626774409-941966078-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Ffayce\AppData\Local\Google\Update\1.3.35.301\psuser_64.dll => Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => -> Pas de fichier
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Pas de fichier
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => -> Pas de fichier
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier
AlternateDataStreams: C:\Users\Ffayce\AppData\Local\P15iubitjev87:KO0pQcenhzqHYa0rNOyKZ6h [2204]
SearchScopes: HKU\S-1-5-21-878115687-1626774409-941966078-1001 -> {7DA31161-4B5F-4BE7-9997-68851B9B3DC4} URL =
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-07-21] (McAfee, Inc. -> McAfee, Inc.)
IE trusted site: HKU\S-1-5-21-878115687-1626774409-941966078-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"SmartScreenEnabled"="warm"
EndRegedit:
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-878115687-1626774409-941966078-1001\...\Run: [AdobeBridge] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0E843531-21FD-400C-BDDD-4F8110CB336A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {12163D00-2FD6-4211-8A8B-C2C2F45F2636} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {134AA322-86BC-4E52-B0CB-FC1BACB8572C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {1C2901DB-C011-4335-A078-7277815CCB7E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {4E63D3A1-81F8-4530-A86E-E5E153CF9DC0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
Task: {613092DA-7E68-498A-9230-48FA79599ADC} - \tortuga -> Pas de fichier <==== ATTENTION
Task: {66A44F86-4ED9-4BEB-98EB-8B865C681C29} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {686D44BF-70D0-482A-AF13-90613A3E2EE4} - \cfr3011 -> Pas de fichier <==== ATTENTION
Task: {7366A965-62F2-439B-87F9-BCDB45D6C9E6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {9F9393B4-F2B5-4CB6-8475-F9750F97AD8E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {A23075CE-47A1-4D6F-A9D6-F6851593AE18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {AFB8DE5F-B6C5-4CD9-AB65-795B44CE594E} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} "C:\Program Files\Common Files\McAfee\Platform\McAMTaskAgent.exe"
Task: {B43CB91C-77F4-4E53-B857-C73B998BED31} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {D036CA4C-7C59-4C48-8C5C-E007B252DABA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {D0C7FEC7-B9B4-4B2B-A997-C2099AE57105} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {D7C23CC7-D55B-46D0-858E-EB2B69BD467D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Ffayce\AppData\Roaming\Mozilla\Firefox\Profiles\pj2phmlx.Ffayce-1511016664220\Extensions\sp@avast.com.xpi [2018-12-21] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\Ffayce\AppData\Roaming\Mozilla\Firefox\Profiles\pj2phmlx.Ffayce-1511016664220\Extensions\wrc@avast.com.xpi [2020-06-18]
FF HKLM-x32\...\Firefox\Extensions: [support@geticommerce.com] - C:\Program Files (x86)\Up Pro\up_pro-0.9.35.2-fx.xpi => non trouvé(e)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\NPMCSN~1.DLL [Pas de fichier]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [2015-07-21] (McAfee, Inc. -> )
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\671689640.js [2017-02-07] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-07]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\671689640.cfg [2017-02-07] <==== ATTENTION
CHR DefaultSearchKeyword: Default -> Adaware Secure
C:\Users\Ffayce\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
C:\Users\Ffayce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
C:\Users\Ffayce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
C:\Users\Ffayce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc. -> McAfee, Inc.)
C:\Program Files\Common Files\McAfee
S2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc. -> McAfee, Inc.)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET, spol. s r.o. -> ESET)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc. -> McAfee, Inc.)
2020-11-12 19:48 - 2018-05-01 14:54 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-12 14:35 - 2018-06-21 08:16 - 000000000 ____D C:\Users\Ffayce\AppData\Local\AVAST Software
cmd: netsh advfirewall reset
emptytemp:
end::