CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
Task: {7073D045-AF4E-407A-AD0A-E6AE6795702E} - System32\Tasks\PPI Update => C:\windows\explorer.exe "hxxp://windowsdefender.site/download/download.php?mn=9996" <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
AutoConfigURL: [S-1-5-21-3625869187-2780460044-3516250116-1001] => hxxp://accessfastweb.com/wpad.dat?9480d5c36e9d63c0600e61d07bf3c20a33995243
ManualProxies: 0hxxp://accessfastweb.com/wpad.dat?9480d5c36e9d63c0600e61d07bf3c20a33995243
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3625869187-2780460044-3516250116-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: Pas de nom -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Pas de fichier
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
C:\Program Files\adaware
R3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [442848 2017-02-08] (BitDefender S.R.L.)
2017-08-01 07:34 - 2017-08-01 07:02 - 005103792 _____ (Enigma Software Group USA, LLC.) C:\Users\Nicolas\AppData\Local\Temp\EsgInstallerResumeAction_a02d5fed7da9455c1b4645ba52347fe4.exe
2017-07-31 14:07 - 2017-07-31 14:07 - 000740416 _____ (Oracle Corporation) C:\Users\Nicolas\AppData\Local\Temp\jre-8u144-windows-au.exe
cmd: ipconfig /flushdns