start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3424040567-4251071983-1848492380-1002\...\Run: [Akamai NetSession Interface] => C:\Users\nicolas\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
ShortcutTarget: Alertes de surveillance de l'encre - HP Deskjet 2510 series.lnk -> (Pas de fichier)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-3424040567-4251071983-1848492380-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3424040567-4251071983-1848492380-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3424040567-4251071983-1848492380-1002 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3424040567-4251071983-1848492380-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Pas de fichier
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\ir61jyzd.default -> hxxps://fr.search.yahoo.com/yhs/search
FF Keyword.URL: Mozilla\Firefox\Profiles\ir61jyzd.default -> hxxps://fr.search.yahoo.com/yhs/search
FF Extension: (cacaoweb) - C:\Users\nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\ir61jyzd.default\Extensions\cacaoweb@cacaoweb.org [2016-02-15] [non signé]
S3 dbx; system32\DRIVERS\dbx.sys [X]
Task: {2177018C-565C-476F-98BB-D0852C5F1CEE} - \WPD\SqmUpload_S-1-5-21-3424040567-4251071983-1848492380-1002 -> Pas de fichier <==== ATTENTION
Task: {AACDF138-838F-4445-A88F-7731C88D3F73} - System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => C:\Users\nicolas\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
FirewallRules: [UDP Query User{E9FC6F26-E29B-47D0-9972-A47AFD2E0FF6}C:\users\nicolas\appdata\roaming\cacaoweb\cacaoweb.exe] => C:\users\nicolas\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{0E4A43AC-B2E0-408C-828E-EC4F92E0230A}C:\users\nicolas\appdata\roaming\cacaoweb\cacaoweb.exe] => C:\users\nicolas\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [TCP Query User{80838DA3-E7CC-479B-96F9-D9D0B9486542}C:\users\nicolas\appdata\roaming\cacaoweb\cacaoweb.exe] => C:\users\nicolas\appdata\roaming\cacaoweb\cacaoweb.exe
FirewallRules: [UDP Query User{AF492430-24DE-47B5-A2E4-DC556BD5C818}C:\users\nicolas\appdata\roaming\cacaoweb\cacaoweb.exe] => C:\users\nicolas\appdata\roaming\cacaoweb\cacaoweb.exe
EmptyTemp:
end