start::
closeprocesses:
createrestorepoint:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier 
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll -> Pas de fichier 
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll -> Pas de fichier 
Task: {65BCD01C-67B7-44F5-9ABF-F5D7B5DF1C06} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2016-01-11] (@ByELDI) 
C:\Program Files\KMSpico
FirewallRules: [UDP Query User{A5F81DB5-CC9C-4E22-B6AC-E9E07290813D}C:\users\marco\appdata\local\nouveau dossier\popcorn-time\popcorn-time.exe] => (Allow) C:\users\marco\appdata\local\nouveau dossier\popcorn-time\popcorn-time.exe
FirewallRules: [TCP Query User{B775E170-AB41-444A-9C29-E5C467A0B81F}C:\users\marco\appdata\local\nouveau dossier\popcorn-time\popcorn-time.exe] => (Allow) C:\users\marco\appdata\local\nouveau dossier\popcorn-time\popcorn-time.exe
FirewallRules: [{EB263C25-55E5-40FC-AFE2-B4AD72534B65}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{CFF37028-7952-4A23-BD23-BC4497DF490D}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{2B933D3D-BEB8-4CDA-9FB7-1ACB0B9D886C}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{5BCAB1B2-EEAE-4B84-92F4-9DBC84BF7DA6}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{569C9DD8-66AF-40C9-A08E-41CA0344F60A}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{28D660C4-CFD2-4C43-8475-B25F5FDE91E9}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe 
C:\Program Files (x86)\Popcorn Time
HKLM\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM\...\Run: [AVGUI.exe] => "C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe" /gui 
GroupPolicy: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM] => Proxy est activé.
ProxyEnable: [HKLM-x32] => Proxy est activé.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
AutoConfigURL: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080 
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION 
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl","hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqB38rBH8nBU..&v=20160526&uid=0B42173F8E04611569825E19C0CE8C7F&ptid=isr&mode=loadm","hxxps://encrypted.google.com" 
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI) [Fichier non signé] 
S2 AVG Antivirus; "C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe" [X]
S3 avgbIDSAgent; "C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe" [X] 
2017-12-16 04:06 - 2017-12-16 04:06 - 000000000 ____D C:\Program Files\KMSpico
2017-11-20 21:02 - 2017-09-04 08:48 - 000000000 ____D C:\Users\Marco\AppData\Local\Avg
2017-11-20 21:02 - 2017-09-04 08:48 - 000000000 ____D C:\ProgramData\Avg  
cmd: ipconfig /flushdns
removeproxy:
emptytemp:
end::