CloseProcesses:
CreateRestorePoint:
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Pas de fichier
Task: {06D72EE7-35E7-4E39-BC05-A55ACFCD9F16} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
C:\Program Files\Common Files\Avast Software
Task: {0DCC1D04-81D2-480C-B310-69881E33D0EF} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {5A2AF843-10CB-420A-B06C-A928E6C3DAA7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {C301C3A1-1B76-400B-96B7-D93F560D0D04} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {CF68A8F1-CBFA-4670-B32E-C77057B2621C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
HKU\S-1-5-21-32104311-2014465728-395096926-1001\Software\Classes\exefile:  <==== ATTENTION
HKU\S-1-5-21-32104311-2014465728-395096926-1001\Software\Classes\.exe: exefile =>  <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
2018-07-19 15:04 - 2017-05-18 20:00 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
DeleteKey: HKCU\Software\CoinisRevShare 
DeleteKey: HKLM\SOFTWARE\AVAST Software 
DeleteKey: HKLM\SOFTWARE\WOW6432Node\AVAST Software 
DeleteKey: HKCU\SOFTWARE\AVAST Software 
DeleteKey: HKCU\SOFTWARE\Browser Cleanup 
DeleteKey: HKU\.DEFAULT\SOFTWARE\Avast Software 
DeleteKey: HKU\.DEFAULT\SOFTWARE\Browser Cleanup 
DeleteKey: HKU\.DEFAULT\SOFTWARE\McAfee 
DeleteKey: HKU\S-1-5-21-32104311-2014465728-395096926-1001\SOFTWARE\AVAST Software 
DeleteKey: HKU\S-1-5-21-32104311-2014465728-395096926-1001\SOFTWARE\Browser Cleanup 
DeleteKey: HKU\S-1-5-21-32104311-2014465728-395096926-1001\SOFTWARE\CoinisRevShare
C:\ProgramData\Conexant
C:\ProgramData\MB3CoreBackup
C:\Program Files (x86)\Common Files\AV
C:\Program Files (x86)\Common Files\McAfee
cmd: ipconfig /flushdns
cmd: set
cmd: dir /b %userprofile%\desktop
cmd: gpresult /v
removeproxy:
emptytemp: