Start:: CloseProcesses: CreateRestorePoint: 2019-11-08 09:36 - 2019-11-08 09:36 - 000006908 _____ () C:\Program Files\276t4zf-readme.txt 2019-11-08 09:36 - 2019-11-08 09:36 - 000006908 _____ () C:\Program Files (x86)\276t4zf-readme.txt HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [50688 2009-07-14] (Microsoft Corporation) <==== ATTENTION Task: {079E7461-E127-4152-9B6E-7547A33932EB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [742912 2015-12-08] (Microsoft Corporation) Task: {33015EE2-D681-4610-B7C6-A494EC36A4D6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent Task: {33015EE2-D681-4610-B7C6-A494EC36A4D6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Corporation) Task: {5127D07C-10DA-4A59-9239-BF1F400E3217} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [519168 2015-12-08] (Microsoft Corporation) Task: {5E4B7276-D0D0-4F55-86D6-145F10D3EFD6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime Task: {5E4B7276-D0D0-4F55-86D6-145F10D3EFD6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Corporation) Task: {5FADD85A-4EBD-4BAA-94F3-76DE35518B93} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {5FADD85A-4EBD-4BAA-94F3-76DE35518B93} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent Task: {5FADD85A-4EBD-4BAA-94F3-76DE35518B93} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Corporation) Task: {790350CB-6C74-4AD7-AEDF-AAFECB7F35DC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {790350CB-6C74-4AD7-AEDF-AAFECB7F35DC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [354816 [354816 2015-12-08]] (Microsoft Corporation) SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => non trouvé(e) CHR NewTab: Default -> Active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html", Not-active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html" CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com; hxxps://www.pinterest.fr CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\LOLO et JUJU\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-01-06] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ContextMenuHandlers1: [MagicISO] -> [CC]{DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> Pas de fichier ContextMenuHandlers4: [MagicISO] -> [CC]{DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> Pas de fichier ContextMenuHandlers6: [MagicISO] -> [CC]{DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> Pas de fichier FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe Pas de fichier FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe Pas de fichier AlternateDataStreams: C:\ProgramData\TEMP:1493A0EF [372] cmd: cscript %windir%\System32\slmgr.vbs /dli EmptyTemp: Cmd: ipconfig /flushdns End::