start::
closeprocesses:
createrestorepoint:
CustomCLSID: HKU\S-1-5-21-2490637805-4016848604-1412923610-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 ->  => Pas de fichier
Task: {70278B4E-A1E5-47FC-974A-8E058C3A1E42} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv7kjX1x => powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\Windows\System32\A20D5528-8126-4F08-833E-C181C4745F61.ps1" <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\Windows\system32\MusNotification.exe (Pas de fichier)
FF user.js: detected! => C:\Users\jacop\AppData\Roaming\Mozilla\Firefox\Profiles\3rvtjrsa.default\user.js [2022-11-11]
S3 Imf8HpRegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [X]
S4 IMFEFSFileControl; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [X]
S4 ImfHpFileFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [X]
emptytemp:
end::