start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
HKLM\...\Run: [CL-24-6E2FA587-70EA-4DD6-8FB0-983EB47B4097] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-24-6E2FA587-70EA-4DD6-8FB0-983EB47B4097\setuplauncher.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
GroupPolicy: Restriction ? <==== ATTENTION
Task: {67D70E50-59FF-4497-A1FA-5728475D5996} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe
BRA Extension: (Bitdefender Anti-tracker) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
2021-02-07 17:15 - 2021-02-07 17:15 - 000003802 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2021-01-18 21:03 - 2021-01-18 22:09 - 000000297 _____ C:\Users\nardi\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2021-02-07 17:12 - 2020-10-02 05:50 - 000000000 ____D C:\Program Files\Bitdefender
2021-02-07 17:10 - 2020-10-01 21:48 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
CustomCLSID: HKU\S-1-5-21-1067856238-1444573327-3062315761-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\nardi\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1067856238-1444573327-3062315761-1001_Classes\CLSID\{75f92b33-bbaa-b4b4-04ac-a7c07959e5a66}\InprocServer32 -> 0xFE236BE4E2A1D601FE236BE4E2A1D601010000000200000000000000 => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1067856238-1444573327-3062315761-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\nardi\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1067856238-1444573327-3062315761-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\nardi\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-1067856238-1444573327-3062315761-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0xE4036B43149FD6012D3263E4E2A1D601020000000C00000000000000 => Pas de fichier
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1067856238-1444573327-3062315761-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1067856238-1444573327-3062315761-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Pas de nom -> {CD17CB64-A5D9-450F-8B59-5CDC1C182A4F}' -> Pas de fichier
BHO-x32: Pas de nom -> {CD17CB64-A5D9-450F-8B59-5CDC1C182A4F}' -> Pas de fichier
IE trusted site: HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\webcompanion.com -> hxxp://webcompanion.com
EmptyTemp:
cmd: ipconfig /flushdns
cmd: sfc /scannow
end::