start::
Comment: FRST fixlist built from one machine's scan log. The user SID and task GUIDs below are specific to that system, so this list should not be run on any other machine.
Comment: Preparation - close running processes and take a System Restore point before anything is changed.
closeprocesses:
createrestorepoint:
Comment: Orphaned per-user COM registrations - both targets are reported as "Pas de fichier" (no file on disk).
CustomCLSID: HKU\S-1-5-21-889478511-2832967634-380621702-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" -ToastActivated => Pas de fichier
CustomCLSID: HKU\S-1-5-21-889478511-2832967634-380621702-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => Pas de fichier
Comment: Safe Mode service entries MCODS and McMPFSvc - presumably McAfee leftovers like the mccspsvc service further down; NOTE(review) confirm against the full scan log.
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
Comment: Machine-wide autorun for winlogui.exe. The file names Microsoft Corporation as its company, but the scan marks it unsigned ("Fichier non signé"), 5120 bytes, dated 2021-09-05. A company string is not proof of origin; the missing signature on a System32 autorun is the reason to treat it as masquerading.
HKLM\...\Run: [winlogui] => C:\WINDOWS\system32\winlogui.exe [5120 2021-09-05] (Microsoft Corporation) [Fichier non signé]
Comment: Files in System32 to be removed (FRST moves listed files to its quarantine). Only winlogui.exe has scan detail on this page; the grounds for the other two should be checked in the FRST log.
C:\WINDOWS\System32\winscomrssrv.dll
C:\WINDOWS\System32\winlogui.exe
C:\WINDOWS\System32\winrmsrv.exe
Comment: Policy values that reduce security visibility - HideSCAHealth=1 typically hides the Security and Maintenance notification icon, and the Windows Defender policy key is flagged by FRST as a restriction.
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Comment: Per-user autorun whose target is missing ([X]).
HKU\S-1-5-21-889478511-2832967634-380621702-1001\...\Run: [GalaxyClient] => [X]
Comment: Scheduled tasks. All but one point to a missing file; the StartupCheckLibrary task instead runs a DLL through rundll32, and that DLL (listed further down) carries the same 2021-09-05 date as winlogui.exe.
Task: {13386803-2EB8-4491-8C84-1DBF9FE46AE0} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> Pas de fichier <==== ATTENTION
Task: {1DF24E94-8743-47CE-80CB-697F464E0347} - \GameFirstV -> Pas de fichier <==== ATTENTION
Task: {6B166713-FFF5-43E6-ABDE-14381F463520} - \ASUS\ASUSUpdateTaskMachineCore1d521c569f5b783 -> Pas de fichier <==== ATTENTION
Task: {7B93A8CA-0258-4A47-8BAA-2CDD48DCAF9A} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {97360564-1870-4559-B4F7-4C851A9BFADB} - \ASUS\ASUSUpdateTaskMachineUA -> Pas de fichier <==== ATTENTION
Task: {C32FA115-A66D-4543-875E-3EB828B5EA57} - \ASUS Hello -> Pas de fichier <==== ATTENTION
Task: {DA2D3C8F-8A0D-45CF-9D7D-435E2D913BE4} - \ASUS Promotion -> Pas de fichier <==== ATTENTION
Task: {F5AF6E4F-A26E-493C-A71B-3E620142B809} - \Microsoft\Windows\Speech\HeadsetButtonPress -> Pas de fichier <==== ATTENTION
Comment: Firefox plugin registrations whose DLLs are missing.
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [Pas de fichier]
Comment: Chrome startup pages (URLs appear defanged as hxxp/hxxps). One is a search URL carrying a long opaque parameter, which is consistent with a startup-page hijack. NOTE(review) "¶m1" looks like a rendering artefact of "&param1" - confirm against the original log.
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://fr.msn.com/?pc=UP97&ocid=UP97DHP","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87fjnhltxzm_ssg001920¶m1=y6bdVFVIsvuYsgEClQfz8NEPSp4FWG51g5cOG5gIsG73Y32HvShSMVp%2FzuaZ39CfnH9GASZVjkXydTMP5ToOcJlEgd3TB8npzv54ws9IOL8l2TAx7oFKzqXzcIbJAS8%2BvHSWNvxR4BOO0vzn%2FO0pSi%2Ftq3jackpKyp77btdY69ed3GA7HJCnID3%2Fd2c454UDGvNaEzuQCIr5hgy9dBT6Mo9KrgK0I%2FZ%2BDAUtSbVyScga1UfuMcrmOoBCLufW3fI9Qdlvr5uU5Dhz%2BHs34jnVlJO0ilupaiOTZMC3TLwFfOhwwdXlIkubIkVxqSm%2F4Q3tyoE4ZGit3PpHlAoNXLSC%2BSOInuMPgHyUgQpTeRMHdCe%2BbMfMdw1qihihDmnW18qGk%2BJ9rFKksp5eeh02osfYtA%3D%3D","hxxps://www.google.com/"
Comment: Disabled (S4) McAfee service whose executable is missing ([X]).
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe" [X]
Comment: The DLL launched by the StartupCheckLibrary task above; both timestamps on the scan line are 2021-09-05 17:56.
2021-09-05 17:56 - 2021-09-05 17:56 - 002619392 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartupCheckLibrary.dll
Comment: Reset Windows Firewall policy to its defaults (this also drops any custom rules, which have to be re-created afterwards), then repair the component store and the protected system files.
cmd: netsh advfirewall reset
cmd: DISM /Online /Cleanup-image /Restorehealth
cmd: sfc /scannow
Comment: Clear temporary files and caches. The result of every line is written to Fixlog.txt, which should be reviewed after the run.
emptytemp:
end::