start::
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction
HKU\S-1-5-21-905969777-43035773-1705488793-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\renov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-905969777-43035773-1705488793-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\renov\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-905969777-43035773-1705488793-1002\...\RunOnce: [Uninstall 22.141.0703.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\renov\AppData\Local\Microsoft\OneDrive\22.141.0703.0002" (Pas de fichier)
Task: {132D742E-D2DB-41BE-869F-8FC82B1FE3D5} - \Adobe Flash Player Updater -> Pas de fichier
Task: {89822E4F-7FD1-484B-B968-C958E85CD066} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-25]
FF Extension: (Avast Online Security & Privacy) - C:\Users\renov\AppData\Roaming\Mozilla\Firefox\Profiles\vyjiah9d.default-release-1568016421349\Extensions\wrc@avast.com.xpi
CustomCLSID: HKU\S-1-5-21-905969777-43035773-1705488793-1002_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> "c:\program files\macrium\common\reflectmonitor.exe" -ToastActivated => Pas de fichier
EmptyTemp:
cmd: sfc /scannow
end::