start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2363033358-2692825597-4007201065-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2363033358-2692825597-4007201065-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - Pas de fichier
CHR HKU\S-1-5-21-2363033358-2692825597-4007201065-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-04-15] (Zemana Ltd.)
S1 kuyeorzc; \??\C:\WINDOWS\system32\drivers\kuyeorzc.sys [X]
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMProtection; \SystemRoot\system32\DRIVERS\mbam.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]
S2 RHDISK_AMD64; \??\C:\Program Files (x86)\Rohos\RHDISK_AMD64.SYS [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
2018-06-03 00:21 - 2018-06-03 00:21 - 000000000 ___HD C:\$AV_ASW
2018-05-28 09:42 - 2018-05-28 09:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-05-28 09:41 - 2018-05-28 09:41 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-05-28 09:38 - 2018-06-12 20:47 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-12 21:35 - 2018-04-15 11:31 - 000058793 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-05-28 09:45 - 2018-02-16 13:10 - 000000000 ____D C:\ProgramData\Avira
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1-x32: [Glary Utilities] -> {72923739-5A47-40A3-9895-25AF0DFBB9E4} => F:\GLARYU~1\CONTEX~1.DLL -> Pas de fichier
ContextMenuHandlers2-x32: [Glary Utilities] -> {72923739-5A47-40A3-9895-25AF0DFBB9E4} => F:\GLARYU~1\CONTEX~1.DLL -> Pas de fichier
ContextMenuHandlers6-x32: [Glary Utilities] -> {72923739-5A47-40A3-9895-25AF0DFBB9E4} => F:\GLARYU~1\CONTEX~1.DLL -> Pas de fichier
Task: {B019173E-5494-49BE-9BAF-4F8BB602A950} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {E0212D07-CF87-4C7C-A492-FC880D20715F} - System32\Tasks\GlaryInitialize => F:\Glary Utilities\initialize.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
cmd: ipconfig /flushdns
end::