start::
Hosts:
Removeproxy:
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3858928769-646068876-3590021029-1001_Classes\CLSID\{8c00c85f-a8f0-4b54-b965-b310fad68c7b}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => Pas de fichier
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
SearchScopes: HKU\S-1-5-21-3858928769-646068876-3590021029-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3858928769-646068876-3590021029-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [TCP Query User{BB4066FD-4510-44F7-925B-D158A7C084B0}C:\mamp\bin\apache\bin\httpd.exe] => (Block) C:\mamp\bin\apache\bin\httpd.exe => Pas de fichier
FirewallRules: [UDP Query User{0B6B75C3-1481-4AD3-B5ED-361CF5F6C823}C:\mamp\bin\apache\bin\httpd.exe] => (Block) C:\mamp\bin\apache\bin\httpd.exe => Pas de fichier
FirewallRules: [TCP Query User{3240008F-FB81-4FD9-A2CE-CCBB5CFEF890}C:\mamp\bin\mysql\bin\mysqld.exe] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe => Pas de fichier
FirewallRules: [UDP Query User{BD47C0B4-FA32-48BA-B5EC-2B3DC0CC5085}C:\mamp\bin\mysql\bin\mysqld.exe] => (Block) C:\mamp\bin\mysql\bin\mysqld.exe => Pas de fichier
FirewallRules: [TCP Query User{14FF292C-50DE-49BD-8DAF-9720A18C2758}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => Pas de fichier
FirewallRules: [UDP Query User{426E2B24-2CE5-48CF-84A0-EC1E1F2A2FE9}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => Pas de fichier
FirewallRules: [{61A98CCB-1DFE-4547-916C-0CD7FCC5B432}] => (Block) C:\xampp\apache\bin\httpd.exe => Pas de fichier
FirewallRules: [{27D18940-24AD-4F40-AA85-F5E3410F5DFB}] => (Block) C:\xampp\apache\bin\httpd.exe => Pas de fichier
D:\Documents\Nouveau dossier\setup.exe
ShortcutTarget: Proton Mail Bridge.lnk -> C:\Program Files\Proton AG\Proton Mail Bridge\Desktop-Bridge.exe (Pas de fichier)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> Pas de fichier <==== ATTENTION
Task: {E09F8E20-04B9-44E6-B489-EFB5F23E8FA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Pas de fichier)
Task: {FE17BE07-D18E-4189-A72C-0E2D15F26083} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler => "%ProgramFiles%\RUXIM\PLUGscheduler.exe" (Pas de fichier
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
2024-02-09 00:36 - 2024-02-09 10:57 - 000000000 ____D C:\Users\Etienne\AppData\Local\Avast Software
2024-02-09 00:31 - 2024-02-09 10:58 - 000000000 ____D C:\ProgramData\Avast Software
IFEO\EOSnotify.exe: [Debugger] /
IFEO\InstallAgent.exe: [Debugger] /
IFEO\MoNotificationUx.exe: [Debugger] /
IFEO\MusNotification.exe: [Debugger] /
IFEO\MusNotificationUx.exe: [Debugger] /
IFEO\remsh.exe: [Debugger] /
IFEO\SihClient.exe: [Debugger] /
IFEO\UpdateAssistant.exe: [Debugger] /
IFEO\upfc.exe: [Debugger] /
IFEO\UsoClient.exe: [Debugger] /
IFEO\WaaSMedic.exe: [Debugger] /
IFEO\WaasMedicAgent.exe: [Debugger] /
IFEO\Windows10Upgrade.exe: [Debugger] /
IFEO\Windows10UpgraderApp.exe: [Debugger] /
StartBatch:
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\cookies.sqlite" Del /s /q "%%d\cookies.sqlite")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
Endbatch:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh winsock reset
cmd: sfc /scannow
EmptyEventLogs:
EmptyTemp:
end::