start::
closeprocesses:
createrestorepoint:
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4292763751-1860432251-532333310-1001 -> DefaultScope {D47D6087-7A42-48CF-AC47-A489A5028A7F} URL =
SearchScopes: HKU\S-1-5-21-4292763751-1860432251-532333310-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4292763751-1860432251-532333310-1001 -> {D47D6087-7A42-48CF-AC47-A489A5028A7F} URL =
BHO: Pas de nom -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> Pas de fichier
BHO: Pas de nom -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Pas de fichier
Filter: text/xml - Pas de valeur CLSID
FirewallRules: [{D5348174-7650-43ED-9C84-D035021B6A55}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{00DF69F0-4CC7-4091-892A-6A9F77BB8439}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
Task: {02EE179A-FCB7-4852-B513-8D8013E76F1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {21344014-C185-476F-AFFE-E4F16117BC7C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {2548762A-833A-4996-8DC9-A6AEA0C5C7EE} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {3FFF77F2-04E6-4D94-9EB6-84E696CB75EF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {45EED88D-4E5C-4ACB-89D2-DFF565FB587D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {5458E298-7010-4241-B76C-77E6FC10301D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe /launch (Pas de fichier)
Task: {57B16A7C-6561-4A5B-BB65-D980E58B1271} - \WPD\SqmUpload_S-1-5-21-4292763751-1860432251-532333310-1001 -> Pas de fichier <==== ATTENTION
Task: {683AF870-CC75-460E-B875-188F2E5C6076} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Pas de fichier)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7628C49E-933E-4082-A29A-BA684D6F6F35} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {77F5C359-38EF-4DAF-B33C-1830FE14D109} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8D881CBE-71C2-4539-9556-6A071FF151A7} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {94D5CB9F-12D8-4EDD-AF03-5A50AFF1AAF8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9C41A5EC-F56C-455E-905E-295D7F84B133} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {A1C9869F-2977-48B4-9A28-DA44AB5FA3F7} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (Pas de fichier)
Task: {A90DF924-B43C-4301-8A8F-78DD18DB9A0B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {AB5CA68F-5D77-4A67-9346-CD7E5E862C3B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {BA700328-6037-46B3-A799-FF458E04E8A6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {C0FF9EB2-013D-407C-9B9E-8D95DBC741B2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {D166D19C-9D87-4092-B75F-06B2865A3430} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {E3B79ED1-12C8-4FD6-A2DB-474F8E477BD3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F891BD59-11C9-408C-BA99-51305A715A0D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
C:\Users\claire\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc. -> McAfee, Inc.)
C:\Program Files\Common Files\McAfee
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
C:\Program Files\Avast Software
C:\Program Files (x86)\Wondershare
2022-10-29 22:51 - 2022-10-29 22:51 - 000000000 ____D C:\Users\claire\Documents\TotalAV
2022-10-29 22:45 - 2022-10-29 22:45 - 000000000 ____D C:\Users\claire\AppData\Local\GUI
2022-10-29 22:45 - 2022-10-29 22:45 - 000000000 ____D C:\ProgramData\SecuritySuite
2022-10-29 22:44 - 2022-10-29 22:45 - 000000000 ____D C:\ProgramData\TotalAV
2022-10-29 22:44 - 2022-10-29 22:44 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-10-29 22:42 - 2022-10-29 22:43 - 057027168 _____ C:\Users\claire\Downloads\TotalAV.exe
2022-10-29 21:59 - 2022-10-30 15:59 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-29 21:59 - 2022-10-29 21:59 - 000268488 _____ (AVAST Software) C:\Users\claire\Downloads\avast_free_antivirus_setup_online.exe
2022-10-26 20:56 - 2019-01-20 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
emptytemp:
end::