start::
closeprocesses:
createrestorepoint:
CustomCLSID: HKU\S-1-5-21-4136891449-1146284136-124031633-1001_Classes\CLSID\00480077-0039-0070-0043-003100630033\InprocServer32 -> pas de chemin du fichier
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll -> Pas de fichier
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll -> Pas de fichier
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll -> Pas de fichier
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll -> Pas de fichier
SearchScopes: HKU\S-1-5-21-4136891449-1146284136-124031633-1001 -> DefaultScope {E3D1B6CD-2915-469F-9AA1-42395FDEB2F1} URL =
SearchScopes: HKU\S-1-5-21-4136891449-1146284136-124031633-1001 -> {E3D1B6CD-2915-469F-9AA1-42395FDEB2F1} URL =
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4136891449-1146284136-124031633-1001\...\sharepoint.com -> hxxps://heplch-myfiles.sharepoint.com
IE trusted site: HKU\S-1-5-21-4136891449-1146284136-124031633-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKU\S-1-5-21-4136891449-1146284136-124031633-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
C:\Program Files (x86)\Lavasoft
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FF Homepage: Mozilla\Firefox\Profiles\2talj4dh.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=IC150206&iDate=2020-05-19 08:01:33&bName=
FF NewTab: Mozilla\Firefox\Profiles\2talj4dh.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=IC150206&iDate=2020-05-19 08:01:33&bName=
FF SearchPlugin: C:\Users\murie\AppData\Roaming\Mozilla\Firefox\Profiles\2talj4dh.default\searchplugins\mysearchengine.xml [2020-11-22]
FF Homepage: Mozilla\Firefox\Profiles\jqlz30w6.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=IC150206&iDate=2020-05-19 08:01:33&bName=
FF NewTab: Mozilla\Firefox\Profiles\jqlz30w6.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=IC150206&iDate=2020-05-19 08:01:33&bName=
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kpxys4uu2kb.js [2021-05-21] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kpxys4uu2kb.cfg [2021-05-21] <==== ATTENTION
S2 AVG Antivirus; "C:\Program Files\AVG\Antivirus\AVGSvc.exe" /runassvc [X]
S2 AVG Tools; "C:\Program Files\AVG\Antivirus\avgToolsSvc.exe" /runassvc [X]
S3 avgbIDSAgent; "C:\Program Files\AVG\Antivirus\aswidsagent.exe" [X]
S2 AvgWscReporter; "C:\Program Files\AVG\Antivirus\wsc_proxy.exe" /runassvc /rpcserver [X]
S2 ReportNuranu; C:\Program Files (x86)\ReportNuranu\ReportNuranu.exe -system -token 0529f5 [X]
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]
S2 avgStm; system32\drivers\avgStm.sys [X]
cmd: netsh advfirewall reset
emptytemp:
end::