start::
closeprocesses:
createrestorepoint:
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKU\S-1-5-21-57276330-1550334040-1663376053-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190524__yaie
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-57276330-1550334040-1663376053-1001 -> DefaultScope {81FDBDE4-4876-47B3-B7AE-8FA95994E95D} URL =
SearchScopes: HKU\S-1-5-21-57276330-1550334040-1663376053-1001 -> {81FDBDE4-4876-47B3-B7AE-8FA95994E95D} URL =
SearchScopes: HKU\S-1-5-21-57276330-1550334040-1663376053-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-57276330-1550334040-1663376053-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKU\S-1-5-21-57276330-1550334040-1663376053-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-57276330-1550334040-1663376053-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7511384 2019-05-24] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
C:\Program Files (x86)\Lavasoft
HKU\S-1-5-21-57276330-1550334040-1663376053-1001\...\RunOnce: [Application Restart #1] => C:\Users\Clément DOHIN\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-we (l'élément de données a 599 caractères en plus).
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {6A0FAEFB-726E-40DB-AD59-B0FEA14414FD} - \abDocsDllLoader -> Pas de fichier <==== ATTENTION
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e)
C:\Program Files (x86)\McAfee
CHR StartupUrls: Default -> "hxxp://fr.search.yahoo.com/?fr=hp-ddc-bd&type=pr__alt__ddc_dsssyc_bd_com"
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKU\S-1-5-21-57276330-1550334040-1663376053-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-image /Restorehealth
cmd: netsh advfirewall reset
emptytemp:
end::