start::
closeprocesses:
createrestorepoint:
CustomCLSID: HKU\S-1-5-21-1509975550-1745062206-2336961910-1001_Classes\CLSID\{500C8957-D051-4057-8C54-CBB13E45C719}\localserver32 -> "C:\Users\antoi\AppData\Local\StarLeaf\StarLeaf\2\StarLeaf.UWP.exe" --toasty => Pas de fichier
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1509975550-1745062206-2336961910-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKU\S-1-5-21-1509975550-1745062206-2336961910-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-1509975550-1745062206-2336961910-1001\...\Run: [btweb] => "C:\Users\antoi\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
HKU\S-1-5-21-1509975550-1745062206-2336961910-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
C:\Program Files (x86)\Lavasoft
C:\Users\antoi\AppData\Roaming\BitTorrent Web
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-12] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
CHR Notifications: Default -> hxxps//drive.google.com; hxxps//forums.commentcamarche.net; hxxps//fr.millenium.gg; hxxps//inb.network; hxxps//www.marmiton.org; hxxps//www.mcdonalds.fr; hxxps//www.oxtorrent.pe; hxxps//www.youtube.com
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
2021-10-23 13:28 - 2021-10-23 13:28 - 000232168 _____ (AVAST Software) C:\Users\antoi\Downloads\avast_free_antivirus_setup_online.exe
2021-10-23 13:28 - 2021-10-23 13:28 - 000000000 ____D C:\ProgramData\Avast Software
cmd: netsh advfirewall reset
emptytemp:
end::