start::
closeprocesses:
createrestorepoint:
C:\Users\grozb\AppData\Local\MSkgi2\MSkgi2.exe
C:\Users\grozb\AppData\Roaming\Java\start.bat
Task: {823075C1-BBA4-4877-B6D4-AC5CC1319EE6} - System32\Tasks\CEztihl2 => C:\Users\grozb\AppData\Local\MSkgi2\MSkgi2.exe [78688 2021-06-09] (LINEOSOFT -> ) [Fichier non signé]
Task: {C1A3C55E-AC20-453D-B337-F69C60AA33DB} - System32\Tasks\CEztihl3 => C:\Users\grozb\AppData\Local\MSwoy2\MSwoy2.exe [78688 2021-04-12] (LINEOSOFT -> ) [Fichier non signé]
2021-08-12 23:36 - 2021-06-02 00:17 - 000000000 ____D C:\Users\grozb\AppData\Local\MSkgi2
2021-08-12 23:36 - 2021-04-09 23:46 - 000000000 ____D C:\Users\grozb\AppData\Local\MSwoy2
Task: {83DF0D76-8743-4716-83E4-698D724DD713} - System32\Tasks\ViGEmBusUpdater1 => C:\Users\grozb\AppData\Roaming\Java\start.bat [235 2021-08-06] () [Fichier non signé]
emptytemp:
end::