start::
closeprocesses:
createrestorepoint:
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} 
SearchScopes: HKU\S-1-5-21-2450778762-1841667943-1928444382-1001 -> DefaultScope {0514B9E6-089A-448D-9868-1D42C60AC855} URL =
SearchScopes: HKU\S-1-5-21-2450778762-1841667943-1928444382-1001 -> {0514B9E6-089A-448D-9868-1D42C60AC855} URL = 
IE trusted site: HKU\S-1-5-21-2450778762-1841667943-1928444382-1001\...\webcompanion.com -> hxxp://webcompanion.com 
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION 
Task: {1D3CAA9E-7868-4947-AED5-912A0CF625D5} - System32\Tasks\Opera scheduled Autoupdate 1553633611 => C:\Users\Ced33\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) 
Task: {2879E14C-D0C7-4F68-8F53-3542F9ACC9BF} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION 
Task: {376FD43D-DAE0-41B4-B000-B4F507949F89} - System32\Tasks\Opera scheduled assistant Autoupdate 1553633625 => C:\Users\Ced33\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Ced33\AppData\Local\Programs\Opera\assistant" $(Arg0) 
C:\Users\Ced33\AppData\Local\Programs\Opera
Task: {8F47A5E1-0643-4464-9DDE-C5E71C26B1F8} - System32\Tasks\Opera scheduled Autoupdate 1537977003 => C:\Users\Ced33\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION 
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] 
FF HomepageOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Enabled: {3e06d96e-26f5-4a68-ac64-2b6bc583a35d}
FF NewTabOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Disabled: web@af1e58bc-4ead-11e8-81fc-065ad97f23a5
FF NewTabOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Enabled: {3e06d96e-26f5-4a68-ac64-2b6bc583a35d}
FF NewTabOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Enabled: qwant@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Enabled: ebay@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Enabled: amazon@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Enabled: bing@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065 -> Enabled: google@search.mozilla.org
FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Ced33\AppData\Roaming\Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065\Extensions\sp@avast.com.xpi [2022-02-10]
FF Extension: (Avast Online Security & Privacy) - C:\Users\Ced33\AppData\Roaming\Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065\Extensions\wrc@avast.com.xpi [2021-12-28] 
FF SearchPlugin: C:\Users\Ced33\AppData\Roaming\Mozilla\Firefox\Profiles\hvbwlkvn.default-1532172302065\searchplugins\bing-lavasoft-ff59.xml [2018-09-26] 
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] 
CHR DefaultSearchURL: Default -> hxxps://search.totalav.com/search/web?fcoid=417&fcop=topnav&fpid=27&q={searchTerms}
CHR DefaultSearchKeyword: Default -> safesearch 
C:\Users\Ced33\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
C:\Users\Ced33\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
C:\Users\Ced33\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
C:\Users\Ced33\AppData\Local\Google\Chrome\User Data\Default\Extensions\looohgelibjoplmkhecmalapkgadkfcc
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc]
CHR HKU\S-1-5-21-2450778762-1841667943-1928444382-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-2450778762-1841667943-1928444382-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [moihledlmchhofenpacbhphnbnpakgmo]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] 
S3 MBAMFarflt; \SystemRoot\system32\DRIVERS\farflt.sys [X]
S3 MBAMProtection; \SystemRoot\system32\DRIVERS\mbam.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X] 
cmd: netsh advfirewall reset
cmd: sfc /scannow
emptytemp:
end::