start::
closeprocesses:
createrestorepoint:
AlternateDataStreams: C:\Users\Bureau\Downloads\adwcleaner_8.2.exe:BDU [0]
AlternateDataStreams: C:\Users\Bureau\Documents\attestation.jpeg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\Bureau\Documents\attestation.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
BHO: Pas de nom -> {008A81D7-5844-46B2-BE0A-FFBD4C1D5A29}' -> Pas de fichier
BHO-x32: Pas de nom -> {008A81D7-5844-46B2-BE0A-FFBD4C1D5A29}' -> Pas de fichier
FirewallRules: [{BB51C0A5-ED13-49F0-B55D-653374215BDE}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe => Pas de fichier
FirewallRules: [{15C257C8-D7CA-48AF-8615-CBD8A20EB82F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe => Pas de fichier
FirewallRules: [{8D16E76C-1F79-4329-9517-31075880DB65}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => Pas de fichier
FirewallRules: [{E5C5E844-B304-46AD-BB12-2548C7FF7377}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => Pas de fichier
FirewallRules: [{35AE805D-B074-4F65-A868-64B5E16426E5}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => Pas de fichier
FirewallRules: [{EE92EA76-E12E-4986-97CB-5F07733AF35B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => Pas de fichier
FirewallRules: [TCP Query User{99032F08-6CBD-4F7E-890A-079A65DC4848}C:\users\bureau\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bureau\appdata\roaming\spotify\spotify.exe => Pas de fichier
FirewallRules: [UDP Query User{8DAB6D3D-0BCB-4EDE-AAC6-ED8559F0955E}C:\users\bureau\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bureau\appdata\roaming\spotify\spotify.exe => Pas de fichier
FirewallRules: [TCP Query User{AAA97740-D3D1-4393-933B-735AB6ED3E73}C:\users\bureau\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bureau\appdata\roaming\spotify\spotify.exe => Pas de fichier
FirewallRules: [UDP Query User{57DB07DB-5DBF-40BB-ACC5-B21DB1D47533}C:\users\bureau\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bureau\appdata\roaming\spotify\spotify.exe => Pas de fichier
FirewallRules: [{C9F8BD13-E98F-4E1A-B629-39EC8919D289}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => Pas de fichier
FirewallRules: [{664081F3-A718-422E-AA59-7568C86781F0}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => Pas de fichier
FirewallRules: [{B0B50CEB-5924-4045-B052-40F0C07BD355}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => Pas de fichier
FirewallRules: [{CBE9C549-2CC8-4DD0-8B64-779E23F14BAF}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => Pas de fichier
FirewallRules: [{B1243971-B338-4977-A346-31DA3531D028}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{2EB86388-1053-4FCB-9B62-0B8AF0F6AA9C}C:\brainbee\nexusprint\binwin\nexusprint.exe] => (Allow) C:\brainbee\nexusprint\binwin\nexusprint.exe => Pas de fichier
FirewallRules: [UDP Query User{22A9238E-DEC3-45D1-99C9-8A811AC37514}C:\brainbee\nexusprint\binwin\nexusprint.exe] => (Allow) C:\brainbee\nexusprint\binwin\nexusprint.exe => Pas de fichier
Startup: C:\Users\Bureau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nexusprint.lnk [2022-07-09]
ShortcutTarget: nexusprint.lnk -> C:\BrainBee\NexusPrint\binwin\NexusPrint.exe (Pas de fichier)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Notifications: Default -> hxxps://drive.google.com; hxxps://findmedia.biz; hxxps://mail.google.com; hxxps://nazirstore.azurewebsites.net; hxxps://watch-video.net; hxxps://www.facebook.com; hxxps://www.instagram.com
emptytemp:
end::