start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-02-17]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Pas de fichier)
SearchScopes: HKU\S-1-5-21-4010903206-2480894658-2310373901-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Edge Extension: (RoboForm) -> EdgeExtension_SiberSystemsIncRoboFormEdge_7kk3kr9e0p1np => C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.6.0_x86__7kk3kr9e0p1np [2019-02-27]
S2 0097881550361894mcinstcleanup; C:\ProgramData\McInstTemp0097881550361894\McInst.exe
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe" [X]
S3 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S3 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
U3 mfeaack01; pas de ImagePath
U3 mfeavfk01; pas de ImagePath
U3 mfehidk01; pas de ImagePath
U3 mfencbdc01; pas de ImagePath
S0 cfwids; system32\drivers\cfwids.sys [X]
S0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfeplk; system32\drivers\mfeplk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
2019-02-20 20:40 - 2019-03-02 21:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-02-17 10:38 - 2019-03-02 21:59 - 000003416 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm
2019-02-17 10:38 - 2019-03-02 21:59 - 000002814 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon
2019-02-15 21:36 - 2019-02-17 21:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-02-17 21:57 - 2018-08-03 03:37 - 000000000 ____D C:\ProgramData\McAfee
2019-02-17 21:54 - 2018-08-03 03:37 - 000000000 ____D C:\Program Files\Common Files\mcafee
2019-02-15 18:54 - 2018-08-03 03:37 - 000000000 ____D C:\Program Files\mcafee
2019-02-15 18:54 - 2018-08-03 03:37 - 000000000 ____D C:\Program Files (x86)\McAfee
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
Task: {C164E662-314D-482D-AF24-F46DB085ED9B} - System32\Tasks\Run RoboForm TaskBar Icon => D:\Program Files\RoboTaskBarIcon.exe 
Task: {E3B244A2-77C6-43CD-A405-9E298B06EA28} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=
2019-02-27 20:08 - 2019-02-27 20:08 - 000015872 _____ () [Fichier non signé] C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.6.0_x86__7kk3kr9e0p1np\RoboFormCompanion.exe
2019-02-27 20:08 - 2019-02-27 20:08 - 000669696 _____ () [Fichier non signé] C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.6.0_x86__7kk3kr9e0p1np\RoboFormCompanion.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
cmd: ipconfig /flushdns
end::