start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe
HKU\S-1-5-21-1086236518-3958456705-3750095893-1001\...\RunOnce: [TrackerUpdate] => C:\ProgramData\Tracker Software\TrackerUpdate\TrackerUpdate.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-09-13]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction
Task: {15190CB0-B852-4477-92C3-3B552B693862} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
Task: {881CFDA3-2378-480A-835F-403821347930} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe 
Task: {C9DE66AE-A2B1-4241-A44C-E865F3A212BA} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier
Task: {D5BC8E92-0FD9-4370-99A1-3C6D29CADFA9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF Plugin HKU\S-1-5-21-1086236518-3958456705-3750095893-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
2021-08-17 09:31 - 2021-08-17 09:31 - 000000000 ____D C:\AvayaWorkplaceWindows-3.18.0.64.6
CustomCLSID: HKU\S-1-5-21-1086236518-3958456705-3750095893-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\MLM\AppData\Local\GoToMeeting\16786\G2MOutlookAddin64.dll => Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
SearchScopes: HKU\S-1-5-21-1086236518-3958456705-3750095893-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1086236518-3958456705-3750095893-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
EmptyTemp:
cmd: ipconfig /flushdns
end::