start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {453CC1C2-63E6-4E4E-8E13-E32475DFE61C} - System32\Tasks\{23180BE6-A3B2-409F-9311-2E6CD1EEBA60} => C:\Windows\system32\pcalua.exe -a D:\Utilisateurs\Jacques\Downloads\Vuze_4404_windows.exe -d D:\Utilisateurs\Jacques\Downloads
Task: {8F378AEE-4173-4E9D-81F4-C9128DF7CB7D} - System32\Tasks\{AD7D41FE-1A49-426A-9814-AAF88665360D} => C:\Windows\system32\pcalua.exe -a C:\Users\Jacques\AppData\Local\Temp\jre-8u111-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3361204937-3710351666-1865365808-1001 -> {1657E8F5-3D80-46E8-BF3C-00D7DAA1B2A2} URL =
SearchScopes: HKU\S-1-5-21-3361204937-3710351666-1865365808-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
Handler: WSWSVCUchrome - Pas de valeur CLSID
FF HKLM-x32\...\Firefox\Extensions: [{5F0FAE51-39D0-474c-9FF2-CDBAB175FF95}] - C:\Program Files (x86)\Youtomato\YT Downloader\YTD_FF.xpi
FF Extension: (YT Downloader Extension) - C:\Program Files (x86)\Youtomato\YT Downloader\YTD_FF.xpi
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
U1 aswbdisk; pas de ImagePath
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
2019-12-18 15:49 - 2020-01-02 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YT Downloader
2019-12-18 15:49 - 2019-12-18 15:49 - 000000000 ____D C:\Users\Jacques\AppData\Roaming\Youtomato
2019-12-18 15:49 - 2019-12-18 15:49 - 000000000 ____D C:\Program Files (x86)\Youtomato
2019-12-18 15:46 - 2019-12-18 15:46 - 017212231 _____ (Youtomato ) C:\Users\Jacques\Downloads\yt-downloader-setup.exe
2020-01-02 10:57 - 2015-12-03 18:00 - 000000000 ____D C:\Users\Jacques\AppData\Roaming\uTorrent
2019-01-27 11:43 - 2019-01-27 11:43 - 000056320 _____ (SSS) C:\ProgramData\FinalDeleteFile.exe
2014-05-22 15:22 - 2014-05-22 15:22 - 000653312 _____ (http://lame.sf.net) C:\Program Files (x86)\lame.exe
2014-05-22 15:22 - 2014-05-22 15:22 - 000519680 _____ () C:\Program Files (x86)\lame_enc.dll
2015-12-24 16:26 - 2015-12-24 16:26 - 000000020 ___SH () C:\Users\Jacques\AppData\Roaming\Sys11965 DataCollection.dat
2015-12-24 16:26 - 2015-12-24 16:26 - 000000020 ___SH () C:\Users\Jacques\AppData\Roaming\System413_DataDB.ind
ContextMenuHandlers1: [AimersoftVideoConverterFileOpreation] -> {1AACB93E-AA97-47F1-BD02-8D2AF2815436} => -> Pas de fichier
ContextMenuHandlers6: [Youtomato.YTConverter] -> {3A0058EA-C412-4426-8EF7-50C39B4DD51D} => C:\Program Files (x86)\Youtomato\YT Downloader\YTC_WS.dll 
ContextMenuHandlers6: [Youtomato.YTPlayer] -> {0C671AE6-FB74-4582-AF90-3ABF895450B7} => C:\Program Files (x86)\Youtomato\YT Downloader\YTP_WS.dll
2019-12-18 15:49 - 2016-09-17 16:05 - 000055296 _____ (Youtomato) [Fichier non signé] C:\Program Files (x86)\Youtomato\YT Downloader\YTC_WS.dll
2019-12-18 15:49 - 2016-09-16 15:55 - 000055296 _____ (Youtomato) [Fichier non signé] C:\Program Files (x86)\Youtomato\YT Downloader\YTP_WS.dll
MSCONFIG\startupreg: ProductUpdater =>
EmptyTemp:
cmd: ipconfig /flushdns
end::