CreateRestorePoint:
CloseProcesses:
task: {2A582736-C54C-4923-9F39-B844706BA84E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {87DF4A23-D713-4966-9A4F-99E9DCDB6128} - System32\Tasks\McAfee Cleanup => C:\Users\berna\AppData\Local\Temp\MCPR.tmp\mccleanup.exe <==== ATTENTION
Task: {A10FFB7B-D79A-417B-BDFE-8DB10807746A} - System32\Tasks\App Explorer => C:\Users\berna\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7499944 2020-05-13] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" a été déverrouillé. <==== ATTENTION
Task: C:\WINDOWS\Tasks\McAfee Cleanup.job => C:\Users\berna\AppData\Local\Temp\MCPR.tmp\mccleanup.exeą-p mpfpcu,mpfp,mps,shred,mpscu,mskcu,msk,emproxy,mas,fwdriver,hw,mbk,mcproxy,mhn,mqccu,mqc,shrd,nmc,redir,mna,mwl,msad,vs,msc,mcpr -log C:\Users\berna\AppData\Local\Temp -w C:\Users\berna\AppData\Local\Temp\MCPR.tmp <==== ATTENTION
Tcpip\..\Interfaces\{d77f4463-5e3c-4a7c-b11e-b87995fb8018}: [DhcpNameServer] 150.207.1.2
FF Notifications: Mozilla\Firefox\Profiles\cwy74jga.default -> hxxps://www.dossierfamilial.com; hxxps://zimbra.epi.fr; hxxps://www.centerparcs.fr
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
Task: {1B3CA501-BD3C-4601-9A84-4EB66ACD240A} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} "C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe"
Task: {A10FFB7B-D79A-417B-BDFE-8DB10807746A} - System32\Tasks\App Explorer => C:\Users\berna\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7499944 2020-05-13] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" a été déverrouillé. <==== ATTENTION
Task: {BBAE5C9E-62A4-4E8D-BA94-336F2A31A0FC} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} "C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe"
Task: {E8D0D4D1-D841-446D-913F-77A408FE5385} - System32\Tasks\McAfeeLogon => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
Task: C:\WINDOWS\Tasks\McAfee Cleanup.job => C:\Users\berna\AppData\Local\Temp\MCPR.tmp\mccleanup.exeą-p mpfpcu,mpfp,mps,shred,mpscu,mskcu,msk,emproxy,mas,fwdriver,hw,mbk,mcproxy,mhn,mqccu,mqc,shrd,nmc,redir,mna,mwl,msad,vs,msc,mcpr -log C:\Users\berna\AppData\Local\Temp -w C:\Users\berna\AppData\Local\Temp\MCPR.tmp <==== ATTENTION
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => non trouvé(e)
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => non trouvé(e)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Pas de fichier]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Pas de fichier]
C:\Program Files\McAfee
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
S2 mfevtp; C:\Windows\system32\mfevtps.exe [490360 2018-08-22] (McAfee, Inc. -> McAfee, LLC)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77336 2018-10-03] (McAfee, Inc. -> McAfee, LLC)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [235784 2018-10-02] (McAfee, Inc. -> McAfee, Inc.)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [506384 2018-10-03] (McAfee, Inc. -> McAfee, LLC)
S3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [533520 2018-10-03] (McAfee, Inc. -> McAfee, LLC)
S3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [555824 2018-10-02] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108848 2018-10-02] (McAfee, Inc. -> McAfee LLC.)
S3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115728 2018-10-03] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252952 2018-10-03] (McAfee, Inc. -> McAfee, LLC)
C:\Windows\system32\mfevtps.exe
C:\WINDOWS\System32\drivers\cfwids.sys
C:\WINDOWS\System32\drivers\HipShieldK.sys 
C:\WINDOWS\System32\drivers\mfeaack.sys
C:\WINDOWS\System32\drivers\mfefirek.sys
C:\WINDOWS\System32\DRIVERS\mfencbdc.sys
C:\WINDOWS\System32\DRIVERS\mfencrk.sys
C:\WINDOWS\System32\drivers\mfeplk.sys
C:\WINDOWS\System32\drivers\mfewfpk.sys
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\PROGRA~1\mcafee\msc\MCCTXM~1.DLL -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\PROGRA~1\mcafee\msc\MCCTXM~1.DLL -> Pas de fichier
BHO: Pas de nom -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Pas de fichier
BHO-x32: Pas de nom -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Pas de fichier
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll Pas de fichier
FirewallRules: [{5A672247-E421-4571-99B7-888D98AA40FF}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Pas de fichier
FirewallRules: [{3FFFB8B0-2859-45F2-A58F-F5DE937AB402}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Pas de fichier
FirewallRules: [{2098C459-C77E-40FA-8A61-1F0411C45B92}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Pas de fichier
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f

CMD: cscript %windir%\System32\slmgr.vbs /dli
CMD: sc config VSS start= auto
CMD: net start VSS
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset 
CMD: netsh int ipv4 reset all
CMD: netsh int ipv6 reset all
CMD: netsh int portproxy reset all
CMD: netsh int tcp reset all
C:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\ *
EmptyTemp: