start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-2058979491-2753391561-1266872634-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exe
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2019-04-23] (Zemana Ltd. -> Zemana Ltd.)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
2019-04-23 17:27 - 2019-04-30 14:08 - 002723550 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-04-23 17:27 - 2019-04-23 19:02 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2019-04-23 17:27 - 2019-04-23 17:40 - 000023103 _____ C:\Windows\ZAM.krnl.trace
2019-04-23 17:27 - 2019-04-23 17:27 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2019-04-23 17:27 - 2019-04-23 17:27 - 000000000 ____D C:\Users\Administrateur\AppData\Local\Zemana
2019-04-23 15:08 - 2019-04-23 15:16 - 000000000 ____D C:\ProgramData\HitmanPro
2019-04-23 14:08 - 2019-04-23 14:08 - 000001870 _____ C:\Users\Administrateur\Desktop\Rkill.txt
2019-04-23 14:04 - 2019-04-23 14:04 - 000430280 _____ (ESET) C:\Users\Administrateur\Downloads\ESETSirefefCleaner.exe
2019-04-23 14:04 - 2019-04-23 14:04 - 000001546 _____ C:\Users\Administrateur\Downloads\ESETSirefefCleaner.exe_20190423.140435.4276.zip
2019-04-18 15:24 - 2019-04-18 15:24 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Administrateur\Downloads\esetonlinescanner_enu.exe
2019-04-18 15:24 - 2019-04-18 15:24 - 000000000 ____D C:\Users\Administrateur\AppData\Local\ESET
2019-04-17 13:11 - 2019-04-17 13:11 - 000000000 ____D C:\Users\Administrateur\AppData\Local\mbamtray
2019-04-17 13:11 - 2019-04-17 13:11 - 000000000 ____D C:\Users\Administrateur\AppData\Local\mbam
2019-04-17 13:00 - 2019-04-17 13:00 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2019-04-17 12:59 - 2019-04-23 19:02 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-04-17 12:59 - 2019-04-23 17:25 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-04-13 18:32 - 2019-04-13 18:32 - 000000000 ____D C:\Users\damien\AppData\Local\mbamtray
2019-04-13 17:04 - 2019-04-13 17:04 - 000000000 ____D C:\Users\damien\AppData\Local\mbam
2019-04-12 15:03 - 2019-04-23 14:09 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-10 18:07 - 2019-04-10 18:07 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-17 12:21 - 2019-01-14 17:00 - 007241296 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\Administrateur\Desktop\HiJackThis.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys => ""="Driver"
HKLM\...\StartupApproved\Run32: => "SDTray"
FirewallRules: [TCP Query User{F77A5D20-713D-4507-AB4A-35353F6DB797}C:\program files\windowsapps\spotifyab.spotifymusic_1.104.197.0_x86__zpdnekdrzrea0\spotify.exe] => (Block) C:\program files\windowsapps\spotifyab.spotifymusic_1.104.197.0_x86__zpdnekdrzrea0\spotify.exe Pas de fichier
FirewallRules: [UDP Query User{8DC55D28-53F2-4E04-8A6D-55BE193B6636}C:\program files\windowsapps\spotifyab.spotifymusic_1.104.197.0_x86__zpdnekdrzrea0\spotify.exe] => (Block) C:\program files\windowsapps\spotifyab.spotifymusic_1.104.197.0_x86__zpdnekdrzrea0\spotify.exe Pas de fichier
FirewallRules: [{5B9758E8-132D-4623-94A0-C928D1545250}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe 
FirewallRules: [{4D98474E-250D-489F-9118-53CD106E86C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe 
FirewallRules: [{3ECB5CBB-0600-4562-9B08-C98A27EE43B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe 
FirewallRules: [{33AB21FB-D037-4A6C-B369-3AE9563BC548}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe 
FirewallRules: [{50D20D80-5FED-445D-A42F-F02F0D165DBC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe 
FirewallRules: [{94123F4E-9C2E-465C-A47D-F6D281F455DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe 
FirewallRules: [{C289EC4C-163A-4091-8B42-913392B61FB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe 
FirewallRules: [{0ECEFACC-9646-49A5-BC0B-2177D6268F56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe 
cmd: ipconfig /flushdns
end::