CreateRestorePoint:
CloseProcesses:
IE trusted site: HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\...\webcompanion.com -> hxxp://webcompanion.com
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tm Audio Editor\Tl Audio Editor.lnk -> C:\Program Files (x86)\Tm Audio Editor\2.8.9.186\EasyAudioEditor.exe (Pas de fichier)cmd: powercfg /requests
C:\Users\yoann\AppData\Roaming\Mozilla\Firefox\Profiles\tfw16otu.default\browser-extension-data\doh-rollout@mozilla.org 
HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com  
HKCU\SOFTWARE\7d96caee-06e6-597c-9f2f-c7bb2e0948b4 
HKCU\SOFTWARE\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c 
HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\SOFTWARE\7d96caee-06e6-597c-9f2f-c7bb2e0948b4  
HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\SOFTWARE\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c  
HKU\S-1-5-21-1461851873-1119484311-3382848958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com  
Task: {0603A978-6DDF-40BE-A764-5156D29C47B8} - System32\Tasks\EOSv3 Scheduler onTime => D:\Users\yoann\Downloads\esetonlinescanner.exe
Task: {51B905B8-BB5C-40B5-9813-2B38477C958E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {D7396000-3BE6-43D1-99AA-18B30BADF80E} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\Users\yoann\Downloads\esetonlinescanner.exe
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FF Notifications: Mozilla\Firefox\Profiles\tfw16otu.default -> hxxps://www.instagram.com; hxxps://tinder.com; hxxps://forums.macg.co
CMD: Winmgmt /verifyrepository
CMD: netsh winsock reset
CMD: bitsadmin /reset 
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /V SmartScreenEnabled /T REG_SZ /D RequireAdmin /f
cmd: sc config diagtrack start= disabled
cmd: sc config dmwappushservice start= disabled
Reg: REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /V AllowTelemetry /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxPortExhausted /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxHalfOpenRetried /T REG_DWORD /D 400 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxHalfOpen /T REG_DWORD /D 500 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V SynAttackProtect /T REG_DWORD /D 2 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V KeapAliveTime /T REG_DWORD /D 300000 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnableDeadGWDetect /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V DisableIPSourceRouting /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnableMulticastForwarding /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V IPEnableRouter /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnableAddrMaskReply /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxConnectResponseRetransmissions /T REG_DWORD /D 2 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V TcpMaxDataRetransmissions /T REG_DWORD /D 2 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V EnablePMTUDiscovery /T REG_DWORD /D 0 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" /V NoNameReleaseOnDemand /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V EnableDynamicBacklog /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V MinimumDynamicBacklog /T REG_DWORD /D 20 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V MaximumDynamicBacklog /T REG_DWORD /D 20000 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V DynamicBacklogGrowthDelta /T REG_DWORD /D 10 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V FastCopyReceiveThreshold /T REG_DWORD /D 5dc /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters" /V FastSendDatagramThreshold /T REG_DWORD /D 5dc /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /V NoNameReleaseOnDemand /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /V NoLmHash /T REG_DWORD /D 1 /f
CMD: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa" /V lmcompatibilitylevel /T REG_DWORD /D 5 /f
CMD: dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
c:\windows\temp\*.*
C:\Users\yoann\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
Hosts:
EmptyTemp: