start:: closeprocesses: createrestorepoint: Toolbar: HKLM - Pas de nom - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier Toolbar: HKU\S-1-5-21-306210784-2016891843-256434939-1002 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier Toolbar: HKU\S-1-5-21-306210784-2016891843-256434939-1002 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Pas de fichier ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Pas de fichier HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" FirewallRules: [{FFBF3082-C8C0-4E4D-B40F-D62D776CAB68}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe => Pas de fichier FirewallRules: [{FCD971DE-D855-4FED-A77D-084A633F629B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe => Pas de fichier FirewallRules: [{845ED0EB-B96F-4A76-9E0C-F612F32B8A67}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe => Pas de fichier HKU\S-1-5-21-306210784-2016891843-256434939-1002\...\MountPoints2: {81425883-2b5b-11eb-8018-d4c9ef6608af} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-306210784-2016891843-256434939-1002\...\MountPoints2: {a8130ba1-b2ea-11eb-8024-d4c9ef6608af} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-306210784-2016891843-256434939-1002\...\MountPoints2: {aa8cda43-aee2-11ea-800e-d4c9ef6608af} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-306210784-2016891843-256434939-1002\...\MountPoints2: {b847f4d8-0ad9-11ea-bfff-d4c9ef6608af} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-306210784-2016891843-256434939-1002\...\MountPoints2: {eca5d40c-eaca-11ea-8012-d4c9ef6608af} - "F:\HiSuiteDownLoader.exe" Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\90.1.9508.212\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level C:\Program Files (x86)\AVAST Software C:\Program Files\TrueKey HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKU\S-1-5-21-306210784-2016891843-256434939-1002\SOFTWARE\Policies\Google: Restriction <==== ATTENTION Task: {62630537-262A-454B-9CD3-43B2FBCAA317} - System32\Tasks\{690724AE-8056-4346-93F4-52EA68AB62FD} => C:\WINDOWS\system32\pcalua.exe -a C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe -c -maintain pepperplugin Task: {867FEBAC-6AB4-4BD0-A7B8-1B0A9640822F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {AEEE5125-0910-47A1-A70E-95FBD638BB30} - System32\Tasks\SafeZone scheduled Autoupdate 1475305356 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {D7A879DF-6F9F-48E1-82FA-A48BC2E51861} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe Edge Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\famille\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe [2021-08-25] C:\Users\famille\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier] C:\Users\famille\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck C:\Users\famille\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X] S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X] 2021-08-27 20:58 - 2017-04-17 16:12 - 000000000 ____D C:\ProgramData\McAfee 2021-08-26 16:31 - 2017-04-17 16:29 - 000000000 ____D C:\Program Files\Common Files\McAfee 2021-08-25 20:54 - 2013-09-15 17:54 - 000000000 ____D C:\ProgramData\AVAST Software 2021-08-25 20:52 - 2013-09-15 17:55 - 000000000 ____D C:\Program Files\AVAST Software 2021-08-25 18:49 - 2018-04-07 18:10 - 000000000 ____D C:\Users\famille\AppData\Local\AVAST Software 2018-09-08 09:31 - 2018-09-08 09:31 - 000000000 _____ () C:\Users\famille\AppData\Local\{AECC5376-54E2-46FD-A5D7-A7B339BBBCCB} 2021-04-03 10:56 - 2021-04-03 10:56 - 000000000 _____ () C:\Users\famille\AppData\Local\{CC143D37-14CA-4D45-B9AB-BCBC3CA53749} 2021-04-03 10:56 - 2021-04-03 10:56 - 000000000 _____ () C:\Users\famille\AppData\Local\{D1D71F22-62AA-4A47-8DB1-1FD012FB7289} cmd: sfc /scannow emptytemp: end::