start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction
HKU\S-1-5-21-2035457706-3331799228-1311692318-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier)
Task: {2171c49a-ba31-43e2-a754-0807f29110da} - pas de chemin du fichier
Task: {D3F58B56-7202-4EA2-827F-176563739087} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {FCF9414D-4E08-4516-8E88-E16F9E6FAF2E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe
Task: {4AA32B7D-4C15-49A1-99EA-8B6116DF24E1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {768981C7-6905-422D-9469-CA823DD1FFB2} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26]
2022-05-11 09:31 - 2022-05-11 09:30 - 000218088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf060285e1ef46b34.tmp
2022-05-11 09:31 - 2022-05-11 09:29 - 000287056 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-06-05 15:02 - 2020-11-16 23:27 - 000000000 ____D C:\Users\jacqu\AppData\Roaming\Avast Software
2022-06-05 15:02 - 2020-11-16 23:22 - 000000000 ____D C:\Program Files\Avast Software
2022-06-05 15:02 - 2019-12-03 16:59 - 000000000 ____D C:\ProgramData\AVAST Software
C:\Program Files (x86)\Kaspersky Lab
C:\ProgramData\Kaspersky Lab Setup Files
C:\Users\jacqu\AppData\Local\Kaspersky Lab
C:\Users\Default\AppData\Local\Kaspersky Lab
C:\Users\Default User\AppData\Local\Kaspersky Lab
2022-05-31 08:34 - 2019-12-03 17:01 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2022-05-13 17:31 - 2020-11-16 23:23 - 000381616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw21ed73b3d350bfb0.tmp
2022-05-11 09:32 - 2020-11-16 23:23 - 000317832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw11c77f7f288b1554.tmp
2022-05-11 09:30 - 2020-11-16 23:23 - 000255144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw02558ed2b2c7511d.tmp
2022-05-11 09:30 - 2020-11-16 23:23 - 000102568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw6e2c2aefc9073197.tmp
2022-05-11 09:29 - 2020-11-16 23:23 - 000857488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw69afdc1ca5a0a85a.tmp
2022-05-11 09:29 - 2020-11-16 23:23 - 000558768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw39157893ade9adf8.tmp
2022-05-11 09:29 - 2020-11-16 23:23 - 000548976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw52d9c11afe3984bc.tmp
2022-05-11 09:29 - 2020-11-16 23:23 - 000271592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw802358b0dfc45572.tmp
2022-05-11 09:29 - 2020-11-16 23:23 - 000232648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw877cea86becae976.tmp
2022-05-11 09:29 - 2020-11-16 23:23 - 000111056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd5af4b5735cd8dc9.tmp
2022-05-11 09:29 - 2020-11-16 23:23 - 000086120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswe81d1736d5e31fcf.tmp
2022-05-11 09:29 - 2020-11-16 23:23 - 000044568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4bd2b424ea51ca75.tmp
2022-05-11 09:29 - 2020-11-16 23:23 - 000038936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw785513d7f29941b3.tmp
MSCONFIG\Services: RetailDemo => 3
HKU\S-1-5-21-2035457706-3331799228-1311692318-1001\...\StartupApproved\Run: => "Application Restart #1"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-2035457706-3331799228-1311692318-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
HKU\S-1-5-21-2035457706-3331799228-1311692318-1001\...\StartupApproved\Run: => "CCXProcess"
EmptyTemp:
cmd: ipconfig /flushdns
cmd: chkdsk /scan
cmd: sfc /scannow
end::