start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction
HKLM\SOFTWARE\Policies\Google: Restriction
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction
Task: {1A61ACA9-C357-4D35-BD84-00CC991A4A6B} - System32\Tasks\Driver Booster SkipUAC (simon) => C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe
Task: {59ECB2A8-0256-4F24-885D-E20942162306} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\Platform\McAMTaskAgent.exe
Task: {B77E5DF0-3563-4822-B979-802A69A18E5A} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\8.7.0\AutoUpdate.exe
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
R3 mfevtp; C:\Windows\system32\mfevtps.exe
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys
R2 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys
R2 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys
R2 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys
R2 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys
2021-10-08 20:29 - 2021-10-08 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2021-10-08 20:24 - 2021-10-08 20:24 - 000000000 ____D C:\Users\simon\AppData\Roaming\Adobe
2021-10-08 18:47 - 2021-10-08 18:47 - 000001362 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2021-10-08 18:47 - 2021-10-08 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2021-10-08 18:47 - 2021-10-08 18:47 - 000000000 ____D C:\Program Files (x86)\Panda Security
2021-10-08 18:47 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2021-10-08 18:43 - 2021-10-08 18:45 - 038191600 _____ (Panda Security ) C:\Users\simon\Downloads\PandaCloudCleaner.exe
2021-10-08 18:40 - 2021-10-08 18:40 - 002645240 _____ (Panda Security S.L.) C:\Users\simon\Downloads\PandaCloudCleanerUSB.exe
2021-10-05 18:54 - 2021-10-05 18:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-10-04 22:40 - 2021-10-04 22:41 - 000000000 ____D C:\734af0d45394744ca25161ee
2021-10-04 19:28 - 2021-10-04 19:29 - 005901768 _____ (Avira Operations GmbH & Co. KG) C:\Users\simon\Downloads\avira_fr_sptl1_1870781078-1633368518__pfsws-spotlight-release.exe
2021-10-04 13:52 - 2021-10-04 13:52 - 000000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2021-10-04 13:08 - 2021-10-04 13:08 - 001341272 _____ (Google LLC) C:\Users\simon\Downloads\ChromeSetup.exe
2021-10-04 12:40 - 2021-10-05 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8
2021-10-04 12:40 - 2021-10-04 12:40 - 000002372 _____ C:\Users\Public\Desktop\Driver Booster 8.lnk
2021-10-04 12:40 - 2021-10-04 12:40 - 000000000 ____D C:\Users\simon\AppData\LocalLow\IObit
2021-10-04 12:40 - 2021-10-04 12:40 - 000000000 ____D C:\Program Files (x86)\IObit
2021-10-04 12:39 - 2021-10-08 14:46 - 000000000 ____D C:\Users\simon\AppData\Roaming\IObit
2021-10-04 12:33 - 2021-10-04 12:39 - 027097880 _____ (IObit ) C:\Users\simon\Downloads\driver_booster_setup.exe
2021-10-04 12:32 - 2021-10-04 12:32 - 005901768 _____ (Avira Operations GmbH & Co. KG) C:\Users\simon\Downloads\avira_fr_sptl1_1975973765-1633343522__bng-spotlightdiscfr1-new2.exe
2021-10-08 19:46 - 2016-02-20 08:39 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-10-05 19:25 - 2015-10-30 09:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-10-05 19:25 - 2015-10-30 09:24 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-10-04 19:30 - 2016-02-20 08:39 - 000000000 ____D C:\ProgramData\McAfee
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Pas de fichier
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Pas de fichier
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Pas de fichier
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKU\S-1-5-21-3841699790-389661101-1403449438-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
EmptyTemp:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
end::