start::
closeprocesses:
createrestorepoint:
SearchScopes: HKU\S-1-5-21-1331605046-675639649-4230628497-1001 -> DefaultScope {1A95DC8F-4A6D-4938-B715-50B59B516306} URL =
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1331605046-675639649-4230628497-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKU\S-1-5-21-1331605046-675639649-4230628497-1001\...\StartupApproved\Run: => "Web Companion"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1331605046-675639649-4230628497-1001\...\MountPoints2: {e1bf720f-44c5-11ea-8264-0cd2925a4285} - "E:\laucher.exe"
AppInit_DLLs-x32: C:\PROGRA~1\COMMON~1\System\symsrv.dll => C:\Program Files\Common Files\System\symsrv.dll [69337 2021-12-21] (Microsoft Corporation) [Fichier non signé] <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF Homepage: Mozilla\Firefox\Profiles\h54d7xz0.default -> hxxps://defaultsearch.co/homepage?hp=1&bitmask=9996&pId=IC150206&iDate=2020-03-24 11:58:30&bName=
FF SearchPlugin: C:\Users\Maumau\AppData\Roaming\Mozilla\Firefox\Profiles\h54d7xz0.default\searchplugins\bing-lavasoft-ff59.xml [2020-09-04]
cmd: cscript %windir%\System32\slmgr.vbs /dli
cmd: netsh advfirewall reset
emptytemp:
end::