start 
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3490266128-3204041763-2627671393-1000\...\Run: [AdobeBridge] => [X]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3490266128-3204041763-2627671393-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3490266128-3204041763-2627671393-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D060617-AD42D1DB7E9&form=CONMHP&conlogo=CT3334497
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3490266128-3204041763-2627671393-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3490266128-3204041763-2627671393-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D060617-AD42D1DB7E9&form=CONMHP&conlogo=CT3334497
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D060617-AD42D1DB7E9&form=CONBDF&conlogo=CT3334497&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\poo25ozb.default -> hxxps://www.google.com/search/?trackid=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\poo25ozb.default -> hxxps://www.google.com/search/?trackid=sp-006
FF Extension: (Fast search) - C:\Users\Aurélie\AppData\Roaming\Mozilla\Firefox\Profiles\poo25ozb.default\Extensions\amcontextmenu@loucypher [2016-12-27]
CHR Extension: (Fast search) - C:\Users\Aurélie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2016-12-27]
2017-06-05 19:18 - 2017-06-05 19:25 - 041896256 _____ (Apple Inc.) C:\Users\Aurélie\Downloads\QuickTimeInstaller.exe
2017-06-05 19:10 - 2017-06-05 20:01 - 000000000 ____D C:\Program Files\QuickTime
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> pas de chemin du fichier
CustomCLSID: HKU\S-1-5-21-3490266128-3204041763-2627671393-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> pas de chemin du fichier



EmptyTemp:
end