start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [227648 2019-08-27] 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4038688 2019-07-19]
Task: {333EDE83-3117-4FB7-A2C9-8123698D195F} - System32\Tasks\pecokukot\{3BE6C5CD-8FDF-1D77-769F-1ADC783BAC59} => C:\Users\GUERRA~1\AppData\Local\PECEME~1\PECOKU~1.EXE
Task: {4901B38C-2C21-4291-B3C6-E81678FD81BE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757472 2019-09-04]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=
SearchScopes: HKLM -> DefaultScope {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM -> {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM-x32 -> DefaultScope {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM-x32 -> {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> DefaultScope {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {8A325BFC-729B-49F3-A04E-14FBA5BBE286} URL =
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=
Edge HomeButtonPage: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxps://fr.search.yahoo.com/yhs/web?hspart=
R2 SegurazoIC; C:\Program Files (x86)\Segurazo\SegurazoIC.exe [4473448 2019-08-29] (Digital Communications Inc. -> Digital Communications Inc) <==== ATTENTION
R2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [250984 2019-09-13] (Digital Communications Inc. -> Digital Communications Inc) <==== ATTENTION
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07]
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20]
U3 aswbdisk; pas de ImagePath
2019-09-02 20:06 - 2019-09-02 20:09 - 000000000 ____D C:\ProgramData\{0DC431F8-25EC-4980-7DB4-61A8955CB970}
2019-09-02 20:06 - 2019-09-02 20:06 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\{0BE43DB8-2F4C-5100-42D4-74E866BC8870}
2019-09-02 20:05 - 2019-09-02 20:05 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\segurazoclient
2019-09-02 20:05 - 2019-09-02 20:05 - 000000000 ____D C:\ProgramData\drivertonics.com
2019-09-02 20:04 - 2019-09-17 21:26 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-09-02 20:04 - 2019-09-02 20:04 - 000000000 ____D C:\ProgramData\Segurazo
2019-09-02 20:04 - 2019-09-02 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
2019-09-17 21:28 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-09-17 21:28 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Avira
2019-09-17 21:28 - 2019-06-17 09:26 - 000000000 ____D C:\Program Files (x86)\Avira
2019-09-17 11:31 - 2019-06-14 19:13 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\AVAST Software
2019-09-17 11:31 - 2015-07-16 06:15 - 000000000 ____D C:\Program Files\AVAST Software
2019-09-17 10:39 - 2015-07-16 06:15 - 000000000 ____D C:\ProgramData\AVAST Software
2019-09-13 15:01 - 2019-07-20 12:49 - 000002566 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2019-09-04 11:21 - 2019-07-19 19:34 - 000203440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-09-04 11:21 - 2019-07-19 19:34 - 000195648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
EmptyTemp:
cmd: ipconfig /flushdns
end::