start:: closeprocesses: createrestorepoint:...

Édité le 10 mars 2023
Télécharger | Reposter | Largeur fixe

start::
closeprocesses:
createrestorepoint:
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [66]
HKU\S-1-5-21-3620261194-687228319-2033083665-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-3620261194-687228319-2033083665-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-3620261194-687228319-2033083665-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-3620261194-687228319-2033083665-1001\Software\Classes\.cmd: => <==== ATTENTION
FirewallRules: [UDP Query User{6D50670D-67DF-4E76-9731-C9B342C22F61}E:2\flightsimulator.exe] => (Allow) E:2\flightsimulator.exe => Pas de fichier
FirewallRules: [TCP Query User{9793EC03-E79C-4D26-B786-FAA616B3B50C}E:2\flightsimulator.exe] => (Allow) E:2\flightsimulator.exe => Pas de fichier
FirewallRules: [UDP Query User{68D48E28-1DF2-4FE6-81A7-3065A81D5247}E:4\flightsimulator.exe] => (Allow) E:4\flightsimulator.exe => Pas de fichier
FirewallRules: [TCP Query User{38FAFAB2-9666-4DAC-B4B5-3ADEC4E44FFA}E:4\flightsimulator.exe] => (Allow) E:4\flightsimulator.exe => Pas de fichier
FirewallRules: [UDP Query User{94DA36D9-8BD9-4BC7-B6BC-7191DA4FA39B}E:3\flightsimulator.exe] => (Allow) E:3\flightsimulator.exe => Pas de fichier
FirewallRules: [TCP Query User{D1B77514-8E4E-40F0-BCF2-A7743A84E366}E:3\flightsimulator.exe] => (Allow) E:3\flightsimulator.exe => Pas de fichier
FirewallRules: [UDP Query User{6F1B4BB9-1B77-4D37-BD67-2D8FAB9EF26F}H:9\flightsimulator.exe] => (Allow) H:9\flightsimulator.exe => Pas de fichier
FirewallRules: [TCP Query User{D888EFF6-E72F-483D-919E-B86283ACF6F3}H:9\flightsimulator.exe] => (Allow) H:9\flightsimulator.exe => Pas de fichier
FirewallRules: [UDP Query User{99CE783C-8ACA-4AA3-80B8-409A614A3A9A}E:0\flightsimulator.exe] => (Allow) E:0\flightsimulator.exe => Pas de fichier
FirewallRules: [TCP Query User{65CE8293-2359-4FC7-9CC8-B134122C96B2}E:0\flightsimulator.exe] => (Allow) E:0\flightsimulator.exe => Pas de fichier
FirewallRules: [UDP Query User{3F963ED9-D6AA-4AD3-973B-DF2FA70EAF5C}H:7\flightsimulator.exe] => (Allow) H:7\flightsimulator.exe => Pas de fichier
FirewallRules: [TCP Query User{120B94D3-8A4C-4DA9-AD54-AE2F05BF7DC0}H:7\flightsimulator.exe] => (Allow) H:7\flightsimulator.exe => Pas de fichier
FirewallRules: [UDP Query User{69102AA3-225E-45E0-9D38-4D2588BC452A}H:8\flightsimulator.exe] => (Allow) H:8\flightsimulator.exe => Pas de fichier
FirewallRules: [TCP Query User{C8198713-8C9A-4284-89BF-0DDF0B7C1C81}H:8\flightsimulator.exe] => (Allow) H:8\flightsimulator.exe => Pas de fichier
FirewallRules: [UDP Query User{71B40745-3814-4E08-B81A-AD5B96C54434}E:1\flightsimulator.exe] => (Allow) E:1\flightsimulator.exe => Pas de fichier
FirewallRules: [TCP Query User{DA5F53C4-3F01-4FF7-95F1-5500E640D613}E:1\flightsimulator.exe] => (Allow) E:1\flightsimulator.exe => Pas de fichier
FirewallRules: [UDP Query User{9705FE25-8C72-4FF8-8B21-B746A33BC582}H:7\flightsimulator.exe] => (Allow) H:7\flightsimulator.exe => Pas de fichier
FirewallRules: [TCP Query User{D9A525EF-BC41-4ABD-B8EF-F2A3919CB18F}H:7\flightsimulator.exe] => (Allow) H:7\flightsimulator.exe => Pas de fichier
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.64\Installer\chrmstp.exe [2023-03-07] (Google LLC -> Google LLC)
C:\Program Files\Google
C:\Program Files (x86)\Google
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {24C2B707-9325-4B4B-B640-CDF1FD1FEA2E} - System32\Tasks\ASUS Live Update2 => C:\Program Files\Google\Chrome\Application\chrome.exe [3221272 2023-03-04] (Google LLC -> Google LLC)
Task: {2C658B35-5D77-45B4-88BF-1F505DC666F5} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Pas de fichier)
Task: {3A929A9E-CA3A-414F-8BDB-CFC5DFF45CAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-26] (Google LLC -> Google LLC)
Task: {8E6E8DD1-C54C-47E4-B2D8-4A1CF8969BAB} - System32\Tasks\Intelligent StandbyList Cleaner => E:\OneDrive\Desktop\ISLC v1.0.2.4\Intelligent standby list cleaner ISLC.exe (Pas de fichier)
Task: {9985246C-AF3A-46D8-8001-71F6BFCED30C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-26] (Google LLC -> Google LLC)
Task: {BB72C213-9EE1-4617-BFDC-D9CCFDEBD381} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC EngagedRebootReminder (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Pas de fichier)
Task: {F1047AF7-DB3A-4197-8EA0-04B94DE61E31} - System32\Tasks\SIMDB_75b6e096fc79c825286efd6614b8d0f4 => C:\Program Files (x86)\SIMDashboardServer\SIMDashboardServer.exe (Pas de fichier)
Edge Notifications: Default -> hxxps://calendar.google.com; hxxps://flightsim.to; hxxps://forums.commentcamarche.net; hxxps://fr.flightsim.to; hxxps://lesvieillestiges.forumgaming.fr; hxxps://mail.google.com; hxxps://waze.fr.softonic.com; hxxps://winamp.fr.softonic.com; hxxps://www.but.fr; hxxps://www.e-snes.org; hxxps://www.facebook.com; hxxps://www.oscaro.com
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2021-09-21] (Adobe Systems Incorporated -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [Pas de fichier]
C:\Users\jeang\AppData\Local\Google
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
FirewallRules: [{5E90A418-C7D2-487E-9B79-4BC204CD661E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
EndRegedit:
hosts:
emptytemp:
end::