start::
CreateRestorePoint:
CloseProcesses:
Hosts:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ContextMenuHandlers1: [AccExt] -> [CC]{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> Pas de fichier
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Pas de fichier
Task: {8A42D099-F7F1-47D7-8971-FA7EA1030556} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-4220711252-3696406398-2076118213-1002\...\StartupApproved\Run: => "OneDrive"
C:\Users\Nico\AppData\Local\Google\Chrome\User Data\SwReporter
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-02-05] (Google LLC -> Google Inc.)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
S4 IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [X]
S4 IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [X]
C:\Program Files (x86)\IObit
2019-02-04 20:34 - 2019-02-05 19:45 - 000000000 ____D C:\Program Files (x86)\IObit
2019-02-04 20:34 - 2019-02-05 19:43 - 000000000 ____D C:\Users\Nico\AppData\Roaming\IObit
2019-02-04 20:34 - 2019-02-04 20:35 - 000000000 ____D C:\Users\Nico\AppData\LocalLow\IObit
2019-02-04 20:33 - 2019-02-05 19:43 - 000000000 ____D C:\ProgramData\IObit
2019-02-04 20:33 - 2019-02-04 20:47 - 000000000 ____D C:\ProgramData\ProductData
2019-02-04 20:33 - 2019-02-04 20:33 - 000000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2019-02-04 20:29 - 2019-02-04 20:33 - 049318920 _____ (IObit ) C:\Users\Nico\Downloads\IObit-Malware-Fighter-Setup.exe
2019-01-12 10:30 - 2018-10-08 17:17 - 000341760 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EuFdDisk.sys
2019-01-12 10:30 - 2018-10-08 17:17 - 000073448 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eubakup.sys
2019-01-12 10:30 - 2018-10-08 17:17 - 000053504 _____ C:\Windows\system32\Drivers\EUBKMON.sys
2019-01-12 10:30 - 2018-10-08 17:17 - 000022784 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eudskacs.sys
2019-01-12 07:56 - 2019-01-12 07:56 - 000000031 _____ C:\Windows\script.txt
EmptyTemp:
RemoveProxy:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
end::