start::
SystemRestore: on
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction
HKLM\SOFTWARE\Policies\Google: Restriction
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02]
HKU\S-1-5-21-107939278-742368977-3345852996-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2872320 2010-11-20]
Task: {5EDB7200-A3A9-4956-BEF4-D69D216692E0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {9BBC9019-1FC7-4BA7-8FC7-D3D267F4FF71} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {AD350BDB-8353-436C-A1BF-F15CC1F0D151} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe
Task: {B1162BFB-9455-47F8-9B1C-E8DA13740DEE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {BF8C760A-A089-4940-9503-69EF17F6F891} - System32\Tasks\{042D82FB-F7AA-4027-89C9-35382B8D9011} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.3.73.105.457/fr/abandoninstall?page=tsWLM
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <non trouvé(e)>
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll
S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
S3 ALSysIO; \??\C:\Users\eric\AppData\Local\Temp\ALSysIO64.sys [X]
2022-02-21 16:06 - 2022-02-21 16:09 - 012574144 _____ (AVAST Software) C:\Users\eric\Downloads\avastclear.exe
2022-02-21 18:01 - 2018-04-12 07:25 - 000000000 ____D C:\Users\eric\AppData\Local\AVAST Software
2022-02-21 18:01 - 2012-12-26 16:25 - 000000000 ____D C:\ProgramData\AVAST Software
2019-09-25 17:52 - 2019-09-25 17:52 - 000000000 _____ () C:\Users\eric\AppData\Local\{02B28B4E-0937-4341-BBB2-0AE2014C5AB2}
2016-05-08 07:10 - 2016-05-08 07:10 - 000000000 _____ () C:\Users\eric\AppData\Local\{25AD0003-6F04-4DFF-BDB3-07BBF90C0693}
2019-09-25 11:34 - 2019-09-25 11:34 - 000000000 _____ () C:\Users\eric\AppData\Local\{F487484B-FBB9-4FA5-8C8B-BEA9E4B61B68}
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-107939278-742368977-3345852996-1001 -> {6AC63E17-B56A-4A89-A130-EEFF78EBCE4D} URL = hxxp://search.mywebs.pro/?k=1&q={searchTerms}
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Pas de fichier
BHO-x32: Pas de nom -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Pas de fichier
Toolbar: HKU\S-1-5-21-107939278-742368977-3345852996-1001 -> Pas de nom - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Pas de fichier
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL Pas de fichier
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
EmptyTemp:
cmd: ipconfig /flushdns
cmd: sfc /scannow
end::