start::
closeprocesses:
SystemRestore: On
createrestorepoint:
Task: {8AA66916-4453-49E5-8389-23BABF086662} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\drall\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2024-03-19] (ESET, spol. s r.o. -> ESET)
Task: {D60A3223-D292-45C4-AFD7-B6FC42C8D534} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\drall\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2024-03-19] (ESET, spol. s r.o. -> ESET)
Task: {028B586B-5A11-4A5B-92F2-6539870CDEB1} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [455680 2024-02-14] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy Bypass -WindowStyle Hidden -File C:\WINDOWS\mid.ps1
Task: {34A1D036-00C4-4B30-A8B0-3A6AA6720DA6} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [455680 2024-02-14] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy ByPass -WindowStyle Hidden C:\Users\drall\AppData\Roaming\Winsoft\core.ps1 <==== ATTENTION
C:\Users\drall\AppData\Roaming\Winsoft
C:\WINDOWS\mid.ps1
S3 Imf8HpRegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [X]
S3 IMFEFSFileControl; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [X]
S3 ImfHpFileFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [X]
C:\Program Files (x86)\IObit
2024-05-07 15:33 - 2023-12-09 22:49 - 000000819 _____ C:\Windows\mid.ps1
2024-05-07 15:33 - 2023-12-08 15:59 - 082012672 _____ C:\Windows\svshost.exe
2024-05-07 15:33 - 2023-06-10 23:29 - 000000202 _____ C:\Windows\bb.bat
2024-05-07 15:33 - 2023-06-10 16:55 - 000000020 _____ C:\Windows\C
2024-05-08 16:36 - 2024-02-17 21:56 - 000001278 _____ C:\Users\drall\OneDrive\Bureau\ESET Online Scanner.lnk
2024-05-08 16:36 - 2024-01-06 12:38 - 000001378 _____ C:\Users\drall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-04-21 17:50 - 2024-01-06 13:49 - 000003858 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2024-04-21 17:50 - 2024-01-06 13:49 - 000003416 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
StartRegedit:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
EndRegedit:
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Pas de fichier
cmd: netsh advfirewall reset
cmd: DISM /Online /Cleanup-image /Restorehealth
cmd: sfc /scannow
emptytemp:
end::