CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3586908764-1077154471-3723688828-1001\...\Run: [GalaxyClient] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {0C45A300-950B-4E7C-95D5-D21FB008421B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {1CE7A7BA-5136-4B9E-9469-42EC4040DCC0} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {0C806701-C700-4F01-ABA2-E8E5B2835E2C} - System32\Tasks\Opera scheduled assistant Autoupdate 1603986253 => C:\Users\TITUXX\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\TITUXX\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5BC5FCC2-D2D3-4E02-AAF4-B340B858DC39} - System32\Tasks\Opera scheduled Autoupdate 1603986251 => C:\Users\TITUXX\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-14] (Opera Software AS -> Opera Software)
Task: {A0F3DA8A-5426-4392-A9A1-BA013B5450D9} - System32\Tasks\Opera GX scheduled Autoupdate 1605807649 => C:\Users\TITUXX\AppData\Local\Programs\Opera GX\launcher.exe [1664152 2021-01-08] (Opera Software AS -> Opera Software)
Task: {2271CC4A-802C-42FC-8E7E-2A692012B384} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {30131CAF-311A-41FA-B1C3-D202FE409D18} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {5501B795-9F9F-4E8A-AB28-01924C5C8405} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {70A1EEB5-55D9-40BD-8FE3-A14829152740} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {7CA79994-F019-49EF-A44A-9142E1661A89} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [26949688 2020-12-16] (Adlice -> )
Task: {81C1E04B-8E5A-4AEC-AB11-5680554EAAF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-07] (Google LLC -> Google LLC)
Task: {96F25981-8C35-403A-BC72-E2D2C0697C9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-07] (Google LLC -> Google LLC)
Task: {F507390D-3220-4F8A-B6A1-58E903F311CC} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\COMODO
S3 mdf16; \??\C:\Users\TITUXX\AppData\Local\Temp\mdf16.sys [X] <==== ATTENTION
S3 mvd23; \??\C:\Users\TITUXX\AppData\Local\Temp\mvd23.sys [X] <==== ATTENTION
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> Pas de fichier
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Pas de fichier
SearchScopes: HKU\S-1-5-21-3586908764-1077154471-3723688828-1001 -> DefaultScope {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=138430010005_12.2.2.7036_i_ds_sp&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3586908764-1077154471-3723688828-1001 -> {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=138430010005_12.2.2.7036_i_ds_sp&p={searchTerms}
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /V ConsentPromptBehaviorAdmin /T REG_DWORD /D 5
StartRegedit:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
EndRegedit:
Reg: REG QUERY "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
reg: reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /V SmartScreenEnabled /T REG_SZ /D RequireAdmin /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f
c:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
EmptyTemp: