start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156808 2020-09-22]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {06DB1413-AAD5-4B57-B300-FBDA502D4A79} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Watchdog Anti-Malware\WAM.exe
Task: {5266B9A5-68EA-4D5D-9340-D25B9D08C4FB} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
Task: {B1862F30-9EA5-4395-8612-3E806360B6D7} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
Task: {C77A2C2B-3563-46A1-AF0F-8074CE6500D7} - System32\Tasks\AMHelper => C:\Program Files (x86)\Watchdog Anti-Malware\WAM.exe
Task: {D65BB377-44E3-438B-A8BC-0CC8250B1F6B} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\Dell SupportAssistAgent AutoUpdate" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-44645411-796625708-634952601-1001" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\SmartByte Telemetry" /ENABLE
Task: {D89358B7-C61E-48B8-B680-998D664329AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR105G0&p={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Zerr Sot) - C:\Users\guylo\AppData\Local\Google\Chrome\User Data\Default\Extensions\najbcbjpfdaghbdbljiiblkeannpclpa
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [358432 2020-09-22]
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [1097752 2020-09-22]
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7871424 2020-09-22]
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-09-22]
S2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-10-19]
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [206456 2020-09-22]
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [235648 2020-09-22]
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [195712 2020-09-22]
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61056 2020-09-22]
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42832 2020-09-22]
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175256 2020-09-22]
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [517648 2020-09-25]
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [109336 2020-09-22]
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84912 2020-09-22]
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [851664 2020-09-22]
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [469944 2020-09-22]
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [217392 2020-09-22]
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [326488 2020-09-22]
U1 avgbdisk; pas de ImagePath
S3 PCDSRVC{628864C0-331E8A33-06030000}_0; \??\c:\program files\dell\supportassistagent\pcdr\supportassist\6.0.7193.518\pcdsrvc_x64.pkms [X]
2020-10-19 13:30 - 2020-10-24 13:21 - 000422662 _____ C:\Windows\ZAM.krnl.trace
2020-10-19 13:30 - 2020-10-24 12:57 - 000000000 ____D C:\Users\guylo\AppData\Local\Watchdog Anti-Malware
2020-10-19 13:30 - 2020-10-19 13:30 - 000003544 _____ C:\Windows\system32\Tasks\AMHelper
2020-10-19 13:30 - 2020-10-19 13:30 - 000002662 _____ C:\Windows\system32\Tasks\AMSkipUAC
2020-10-19 13:30 - 2020-10-19 13:30 - 000001242 _____ C:\Users\Public\Desktop\Watchdog Anti-Malware.lnk
2020-10-19 13:30 - 2020-10-19 13:30 - 000001242 _____ C:\ProgramData\Desktop\Watchdog Anti-Malware.lnk
2020-10-19 13:30 - 2020-10-19 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchdog Anti-Malware
2020-10-19 13:30 - 2020-10-19 13:30 - 000000000 ____D C:\Program Files (x86)\Watchdog Anti-Malware
2020-10-19 13:28 - 2020-10-19 13:29 - 000000000 ____D C:\Users\guylo\AppData\Local\TeamViewer
2020-10-19 13:28 - 2020-10-19 13:28 - 000000000 ____D C:\Users\guylo\AppData\Roaming\TeamViewer
2020-10-19 13:27 - 2020-10-19 13:28 - 000000000 ____D C:\Users\guylo\Desktop\TeamViewerPortable
2020-10-19 13:05 - 2020-10-24 12:57 - 000000000 ____D C:\Users\guylo\AppData\Local\AMSDK
2020-10-19 11:53 - 2020-10-19 11:53 - 000000000 ___HD C:\$AV_AVG
2020-10-19 11:47 - 2020-10-19 11:47 - 000000000 ____D C:\Users\guylo\AppData\Roaming\supportdotcom
2020-10-19 11:47 - 2020-10-19 11:47 - 000000000 ____D C:\Users\guylo\AppData\Local\SPRT
2020-10-19 11:47 - 2020-10-19 11:47 - 000000000 ____D C:\Program Files (x86)\supportdotcom
2020-10-19 11:46 - 2020-10-19 11:46 - 002950536 _____ C:\Users\guylo\Downloads\connect_807751.exe
2020-10-24 05:10 - 2020-03-05 16:34 - 000004266 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-10-20 16:37 - 2020-03-21 16:11 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-10-19 14:13 - 2020-03-05 16:32 - 000000000 ____D C:\ProgramData\AVG
2020-09-25 16:24 - 2020-06-10 10:34 - 000517648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2020-09-14 11:22 - 2020-09-14 11:22 - 000000000 _____ () C:\Users\guylo\AppData\Local\{95D72153-4D8E-44B2-8F55-B1F75F48E962}
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Watchdog Anti-Malware\AM_ShellExt64.dl
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Watchdog Anti-Malware\AM_ShellExt64.dll
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
SearchScopes: HKU\S-1-5-21-44645411-796625708-634952601-1001 -> DefaultScope {488AFFA1-EA1E-4226-8470-432D3273B6F0} URL =
SearchScopes: HKU\S-1-5-21-44645411-796625708-634952601-1001 -> {488AFFA1-EA1E-4226-8470-432D3273B6F0} URL =
EmptyTemp:
cmd: ipconfig /flushdns
end::