start::
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui (Pas de fichier)
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction
HKU\S-1-5-21-2121978954-1636498572-149131101-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent (Pas de fichier)
IFEO\cliconfg.exe: [VerifierDlls] Hibiki.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2010-08-20]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe () [Fichier non signé]
Task: {1F24765D-7B35-4991-B043-7AEFA00D652D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier)
Task: {38D388E0-BFD7-4C86-829F-575428EF46EF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier)
Task: {3D98E9CB-9337-4560-A592-EE36EBA8C2CB} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Install => C:\Program Files (x86)\Orange Update\install.bat [0 2018-04-20]
Task: {82AA5933-05C9-40CB-8B68-8E5D9199430C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {BCCEF98E-DC2D-4E2F-8132-5C242A9DCC5A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (Pas de fichier)
Task: {D2E77102-3079-4601-8CE0-24A3A53004FA} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (Pas de fichier)
FF Extension: (cacaoweb) - C:\Users\Véro\AppData\Roaming\Mozilla\Firefox\Profiles\x70s8sfy.default\Extensions\cacaoweb@cacaoweb.org [2017-02-19] [] [non signé]
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Véro\AppData\Roaming\Mozilla\Firefox\Profiles\x70s8sfy.default\Extensions\sp@avast.com.xpi [2020-07-14]
FF Extension: (Avast Online Security) - C:\Users\Véro\AppData\Roaming\Mozilla\Firefox\Profiles\x70s8sfy.default\Extensions\wrc@avast.com.xpi [2020-07-14]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [Pas de fichier]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
S3 MpKslad1f5833; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA6CCCD2-619E-4560-B839-9ECD0224A056}\MpKslDrv.sys [X]
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
IE trusted site: HKU\S-1-5-21-2121978954-1636498572-149131101-1000\...\video-futur.com -> hxxps://video-futur.com
EmptyTemp:
cmd: sfc /scannow
cmd: netsh winsock reset
end::