start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-2387861018-69833366-2063973478-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe 
HKU\S-1-5-21-2387861018-69833366-2063973478-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\liger\AppData\Local\Microsoft\Teams\Update.exe 
Task: {07A49388-160A-40A6-A4E9-C462882DB526} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe
Task: {16E7DAFF-6850-484B-845B-19D3F6486841} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe
FF Extension: (TrafficLight) - C:\Users\liger\AppData\Roaming\Mozilla\Firefox\Profiles\kcrbq4kv.default-release\Extensions\trafficlight@bitdefender.com.xpi
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe 
U3 aspnet_state; pas de ImagePath
2022-04-29 04:09 - 2022-04-29 04:09 - 000000000 _____ C:\Users\liger\Downloads\Non confirmé 358876.crdownload
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
IE trusted site: HKU\S-1-5-21-2387861018-69833366-2063973478-1001\...\sharepoint.com -> hxxps://triviumpackaging-files.sharepoint.com
HKU\S-1-5-21-2387861018-69833366-2063973478-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2387861018-69833366-2063973478-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
EmptyTemp:
cmd: ipconfig /flushdns
cmd: sfc /scannow
cmd: md C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
cmd: DISM /Online /Cleanup-image /Restorehealth
end::