start:: closeprocesses: createrestorepoint:...

Posté le 7 décembre 2020
Télécharger | Reposter | Largeur fixe

start::
closeprocesses:
createrestorepoint:
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Pas de fichier
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [94]
AlternateDataStreams: C:\ProgramData\TEMP:9AE67195 [132]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Pas de fichier
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKU\S-1-5-21-1065155376-3745412895-840735929-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-1065155376-3745412895-840735929-1002\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_11AB338F86567D621C03E845CB9C5A41"
HKU\S-1-5-21-1065155376-3745412895-840735929-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_CF61D504F8E41475EEC22EA5CB39DAAA"
C:\Program Files\Avast Software
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1065155376-3745412895-840735929-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3424032 2020-10-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1065155376-3745412895-840735929-1001\...\Run: [Spotify] => C:\Users\Megaport\AppData\Roaming\Spotify\Spotify.exe [23325416 2020-11-02] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1065155376-3745412895-840735929-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [31387320 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1065155376-3745412895-840735929-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1065155376-3745412895-840735929-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-03-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1065155376-3745412895-840735929-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-03-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1065155376-3745412895-840735929-1001\...\Run: [Gaijin.Net Updater] => C:\Users\Megaport\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2361600 2019-11-28] (Gaijin Network LTD -> Gaijin Entertainment)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {C18C3DFA-49A9-4116-80BE-8677D45C854F} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Megaport\Desktop\adwcleaner_8.0.8.exe [8447152 2020-11-04] (Malwarebytes Inc -> Malwarebytes)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Megaport\AppData\Roaming\Mozilla\Firefox\Profiles\t1t0hrj4.default\Extensions\sp@avast.com.xpi [2019-02-10]
FF SearchPlugin: C:\Users\Megaport\AppData\Roaming\Mozilla\Firefox\Profiles\t1t0hrj4.default\searchplugins\bing-lavasoft-ff59.xml [2018-12-02]
C:\Users\Megaport\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
2020-12-07 16:46 - 2020-12-07 16:46 - 000003178 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-11-23 00:43 - 2020-11-23 00:42 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7e0c6a700ca8c022.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000521752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2ebbe9b1014f311a.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000469832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4f9811151de51a11.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000339552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-11-23 00:43 - 2020-11-23 00:42 - 000332368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw301c0ae0d5419a39.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000326416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3603f1d9173ad7ff.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswb9d31bd2c3e1d86b.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000217336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw61b265ca183886c7.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000206408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw49465760aa7a3b0b.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000176744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4ff66d358ef9852e.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw87ce02d45bbefdd1.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000097352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw410055d048bd4d65.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw053463c57a6a386d.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2e3364d04a53ab65.tmp
2020-11-23 00:43 - 2020-11-23 00:42 - 000016816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw950bf88f718d0970.tmp
2020-12-07 18:36 - 2017-08-15 01:52 - 000000000 ____D C:\Users\Megaport\AppData\Roaming\AVAST Software
2020-12-07 18:21 - 2017-08-26 12:55 - 000000000 ____D C:\Users\Megaport\AppData\Local\AVAST Software
2020-12-07 17:50 - 2020-04-07 16:45 - 000000000 ____D C:\Program Files\Avast Software
2020-12-07 17:50 - 2017-08-14 22:06 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-07 17:38 - 2019-07-01 22:12 - 000000000 ____D C:\Program Files\Defraggler
2020-11-25 16:24 - 2020-06-09 21:47 - 000082024 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
cmd: type C:\Users\Megaport\AppData\Roaming\trace_FilterInstaller.4.txt
hosts:
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-image /Restorehealth
emptytemp:
end::