start
closeprocesses:
createrestorepoint:
AV: PC Tools Spyware Doctor with AntiVirus (Disabled - Up to date) {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AV: Emsisoft Anti-Malware (Disabled - Up to date) {67773CDD-EA83-AD98-A2ED-386463EB3B0D}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Pas de fichier
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Pas de fichier
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Pas de fichier
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Pas de fichier
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Pas de fichier
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Pas de fichier
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Pas de fichier
ShortcutWithArgument: C:\Users\gines\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Black Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --user-data-dir="C:\ProgramData\ESET\ESET Security\OPP\S-1-5-21-2883973646-278277916-187614693-1001\EsetOPPChromeProfile" --profile-directory=Default --app-id=efhjkokigpcpjjliiablpikcjgbgjgpf
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [105]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
IE trusted site: HKU\S-1-5-21-2883973646-278277916-187614693-1001\...\hola.org -> hxxp://hola.org
C:\Program Files\AVG
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [2447104 2021-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
BootExecute: autocheck autochk * icarus_rvrt.exe
Task: {1F4C0313-368B-408F-A943-1086B9950A76} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\IObit
Task: {58EE369D-91E5-426D-9A17-CC22C0B84ED5} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4665600 2021-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --guid d6a1e20e-c127-4d89-877b-b7c8aae44a9e
Task: {629914A9-CED9-4157-873E-F9790922FE9D} - System32\Tasks\ASC_SkipUac_regis => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {671AA359-F652-489F-8C1B-680BDE083CAB} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [5546240 2021-03-08] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {8806788D-7AEB-4CFA-A10A-588510614F00} - System32\Tasks\IMF_SkipUAC_regis => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {D8C622D2-EF7B-4A90-B774-97326F88F11A} - System32\Tasks\Christmas Task (One-Time) => C:\Program Files (x86)\IObit\IObit Malware Fighter\xmas.exe
FF user.js: detected! => C:\Users\gines\AppData\Roaming\Mozilla\Firefox\Profiles\n8460w22.default\user.js [2020-12-23]
FF user.js: detected! => C:\Users\gines\AppData\Roaming\Mozilla\Firefox\Profiles\9u0zz5fm.default-release\user.js [2020-12-23]
CHR Notifications: Default -> hxxps://1.megaterralink.xyz; hxxps://1.sabs-push.xyz; hxxps://a.bestdealfor25.life; hxxps://click-on-this.today; hxxps://fr.filmtube.me; hxxps://get-rc.to; hxxps://ivolabs.com; hxxps://moto.auto-doc.fr; hxxps://special-breaking.news; hxxps://stream-complet.plus; hxxps://telecharger-uptobox.fr; hxxps://thewowfeed.com; hxxps://wrw.hds-streaming.tv; hxxps://www.radio.fr; hxxps://www.wish.com
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [12421888 2021-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 luminati_net_updater_win_hola_org; "C:/Program Files/Hola/app/net_updater64.exe" --updater win_hola.org [X]
R1 AntiLog32; C:\WINDOWS\system32\drivers\AntiLog64.sys [49752 2020-12-30] (Zemana Ltd. -> Zemana Ltd.)
S3 Imf8HpRegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2019-12-17] (IObit Information Technology -> IObit)
S3 ImfHpFileFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2019-12-17] (IObit Information Technology -> IObit)
S3 ImfRealScanner; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRealScanner.sys [50168 2020-07-01] (IObit Information Technology -> IObit)
S3 ImfRegistryFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRegistryFilter.sys [42360 2019-12-17] (IObit Information Technology -> IObit)
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2021-02-21] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2020-12-16] (Zemana Ltd. -> Zemana Ltd.)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 edevmon; system32\DRIVERS\edevmon.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
R4 ekbdflt; \SystemRoot\system32\DRIVERS\ekbdflt.sys [X]
R4 epfw; \SystemRoot\system32\DRIVERS\epfw.sys [X]
2021-04-02 04:33 - 2021-04-02 04:33 - 000000000 ____D C:\ProgramData\Emsisoft
2021-04-02 04:28 - 2021-04-02 04:30 - 296151056 _____ C:\Users\gines\Downloads\EmsisoftEmergencyKit.exe
2021-04-02 04:10 - 2021-04-02 04:10 - 000002070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG TuneUp.lnk
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\Users\gines\AppData\Roaming\AVG
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\Users\gines\AppData\Local\CEF
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\Program Files\Common Files\AVG
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\Program Files\AVG
2021-04-02 04:09 - 2021-04-02 15:20 - 000000000 ____D C:\ProgramData\AVG
2021-04-02 04:09 - 2021-04-02 04:09 - 001154184 _____ (AVG Technologies) C:\Users\gines\Downloads\avg-pc-tuneup-20-4-757-0.exe
2021-04-02 04:09 - 2021-03-08 21:46 - 000134400 _____ (AVG Technologies) C:\WINDOWS\system32\icarus_rvrt.exe
2021-04-01 20:27 - 2021-04-01 20:27 - 000000000 ____D C:\Users\gines\AppData\Roaming\ZHP
2021-04-01 20:27 - 2021-04-01 20:27 - 000000000 ____D C:\Users\gines\AppData\Local\ZHP
2021-04-01 20:25 - 2021-04-01 20:25 - 003304320 _____ C:\Users\gines\Downloads\ZHPCleaner-2019 (1).exe
2021-04-02 02:55 - 2021-04-02 18:58 - 000000000 ____D C:\Program Files (x86)\Trojan Remover
2021-03-30 19:36 - 2021-03-31 16:50 - 000000000 ____D C:\Program Files\Hola
2021-03-23 19:14 - 2021-03-23 19:14 - 000000000 ____D C:\Users\gines\AppData\Local\ESET
2021-03-23 19:06 - 2021-03-23 19:06 - 006341552 _____ (ESET) C:\Users\gines\Downloads\eset_internet_security_live_installer.exe
2021-03-23 19:01 - 2021-03-23 19:01 - 008534696 _____ (Malwarebytes) C:\Users\gines\Downloads\adwcleaner_8.2.exe
2021-04-02 02:54 - 2021-04-02 02:54 - 014321120 _____ (Simply Super Software ) C:\Users\gines\Downloads\trjsetup695.exe
cmd: md C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
emptytemp:
end