start::
closeprocesses:
createrestorepoint:
HKLM\...\Run: [AdobeGCInvoker-1.0] => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" (Pas de fichier)
HKU\S-1-5-21-1528770902-2776691055-3894807263-1002\...\Policies\Explorer: []
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Edge Notifications: Default -> hxxps://makepcsafeagain.com
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
S4 AGMService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe" [X]
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]
FirewallRules: [TCP Query User{6F87D290-2C36-4FB8-9E57-8E93265CDED8}C:\users\oliv\desktop\anydesk.exe] => (Allow) C:\users\oliv\desktop\anydesk.exe => Pas de fichier
FirewallRules: [UDP Query User{934FC287-3EC6-44A3-911A-537F1DDD5891}C:\users\oliv\desktop\anydesk.exe] => (Allow) C:\users\oliv\desktop\anydesk.exe => Pas de fichier
FirewallRules: [{6197DE7C-2A7F-4DA2-9AC2-9C3017BB9162}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Pas de fichier
FirewallRules: [{B5AA309A-AEB1-4ED4-9D06-AECA7A2239B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Pas de fichier
emptytemp:
end::