CreateRestorePoint:
CloseProcesses:
cmd: powercfg /requests
cmd: powercfg -h on
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power" /v HibernateEnabled /t REG_DWORD /d 1 /f
Task: {013EF37A-0ED0-4CD6-B0F0-069131EF45F0} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.12.0.104\SymErr.exe [102008 2018-01-25] (Symantec Corporation -> Symantec Corporation)
Task: {2D344E46-364D-4067-812D-ACD8282CA95A} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.12.0.104\SymErr.exe [102008 2018-01-25] (Symantec Corporation -> Symantec Corporation)
Task: {52D21FCC-798B-4F8B-A879-B8BCCF22B4B3} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.12.0.104\SymErr.exe [102008 2018-01-25] (Symantec Corporation -> Symantec Corporation)
Task: {C56F5A0D-64E0-42D4-B110-2FF7BFFE86F2} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2071400 2018-01-25] (Symantec Corporation -> Symantec Corporation)
Task: {A91481FC-3C91-471D-A4CC-69C3F4002D35} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [642544 2021-04-17] (Mozilla Corporation -> Mozilla Foundation)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
CHR Notifications: Default -> hxxps://am.notification.services; hxxps://argent-et-salaire.com; hxxps://calendar.google.com; hxxps://check-now.online; hxxps://cinereplicas.fr; hxxps://francais.rt.com; hxxps://groupe-reussite.fr; hxxps://iss.shopimind.com; hxxps://milvarusso.com; hxxps://sciencepost.fr; hxxps://sellercentral.amazon.fr; hxxps://web.skype.com; hxxps://www.autoplus.fr; hxxps://www.carrefour.pl; hxxps://www.castorama.pl; hxxps://www.consoglobe.com; hxxps://www.devoirs.fr; hxxps://www.easylunettes.fr; hxxps://www.esky.fr; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.jacadi.fr; hxxps://www.jeanmarcmorandini.com; hxxps://www.jerevise.fr; hxxps://www.jeux-gratuits.com; hxxps://www.jules.com; hxxps://www.lemonde.fr; hxxps://www.lenouvelliste.ch; hxxps://www.leroymerlin.pl; hxxps://www.lesechos.fr; hxxps://www.melty.fr; hxxps://www.newchic.com; hxxps://www.santemagazine.fr; hxxps://www.santenatureinnovation.com; hxxps://www.spartoo.com; hxxps://www.tvlibertes.com; hxxps://www.wiseed.com; hxxps://www.zone-telechargement.al
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3333527&octid=EB_ORIGINAL_CTID&ISID=I723DDB6E-CBCB-40FF-A220-165C43E2228C&SearchSource=55&CUI=&UM=8&UP=SP09AB2524-122F-43DF-8D6F-06E8C4810988&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3333527&octid=EB_ORIGINAL_CTID&ISID=I723DDB6E-CBCB-40FF-A220-165C43E2228C&SearchSource=55&CUI=&UM=8&UP=SP09AB2524-122F-43DF-8D6F-06E8C4810988&SSPV=","hxxp://www.delta-search.com/?affID=119357&tt=300513_ctrl&babsrc=HP_ss&mntrId=320D000FEA3661DD","hxxp://start.mysearchdial.com/?f=1&a=frg01_14_24_ch&cd=2XzuyEtN2Y1L1Qzu0AtDtC0DyEzz0F0AtDzztDyBzy0C0EyEtN0D0Tzu0SzzzytAtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0DyEzyzz0DyB0FtGyByC0C0BtGzztAzy0DtGzzyCyCyDtGyB0A0Fzz0AtC0C0DtAtCyBtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0D0AtA0FtBtDtGtC0D0BtDtG0EzzyC0CtG0DyC0B0EtGtCtDtB0EtC0B0D0E0D0CyB0A2QtN1B1L1H1Ezu1O2U1M1B&cr=1536714537&ir=","hxxp://www.sweet-page.com/?type=hp&ts=1411639219&from=cor&uid=ST1000DM003-1CH162_Z1D5X1EB","hxxps://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch","hxxp://www.delta-homes.com/?type=hp&ts=1418205322&from=wpm12103&uid=ST1000DM003-1CH162_Z1D5X1EB","hxxp://websearch.thesearchpage.info/?pid=21107&r=2015/01/20&hid=13346189138001244012&lg=FR&cc=US&unqvl=74","hxxps://www.google.com/"
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.12.0.104\Exts\Chrome.crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.12.0.104\Exts\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
SearchScopes: HKU\S-1-5-21-18772724-192303294-719935252-1001 -> DefaultScope {271E128B-C23C-4C0C-AAA8-A9ED57DD8006} URL =
SearchScopes: HKU\S-1-5-21-18772724-192303294-719935252-1001 -> {271E128B-C23C-4C0C-AAA8-A9ED57DD8006} URL =
BHO-x32: Pas de nom -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Pas de fichier
BHO-x32: Pas de nom -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Pas de fichier
CMD: cscript %windir%\System32\slmgr.vbs /dli
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /V SmartScreenEnabled /T REG_SZ /D RequireAdmin /f
cmd: sc config diagtrack start= disabled
cmd: sc config dmwappushservice start= disabled
Reg: REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /V AllowTelemetry /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /V SmartScreenEnabled /T REG_SZ /D RequireAdmin /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f
c:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
EmptyTemp: